Set or Get Self-Signed SSL Certificates for Skill Endpoints for Testing


Skills with an HTTPS endpoint require SSL certificate information to be present in the skill manifest. When you are testing your skill before you submit it for certification, your skill can use a SelfSigned sslCertificate type, and you can use the SSLCertificateSets API to set or get an SSL certificate for the endpoints provided in the skill manifest. The SSLCertificateSets API is only applicable if your sslCertificateType is SelfSigned.

For more information about SSL certificate types, see Skill Manifest: sslCertificateType.

For more information about how to configure your web service to use a self-signed certificate during testing, see Configure Your Web Service to Use a Self-signed Certificate.

The API's endpoint is https://api.amazonalexa.com. Each API request must have an Authorization header whose value should be the access token retrieved from Login with Amazon.

Set SSL certificates for endpoints in the skill manifest

Use the PUT operation to set SSL certificates for endpoints provided in the skill manifest. The following example includes the NA, EU, and FE regions.

Request

PUT /v1/skills/{skillId}/sslCertificateSets/~latest

Parameters

Field Description Parameter Type Required?
skillId Unique identifier of skill. Path Yes

Request body

{
  "sslCertificate": "{certificateValue}",
  "regions": {
    "NA": {
      "sslCertificate": "{certificateValue}"
    },
    "EU": {
      "sslCertificate": "{certificateValue}"
    },
    "FE": {
      "sslCertificate": "{certificateValue}"
    }
  }
}

Parameters

Field Description Parameter
Type
Required?
sslCertificate Default value of the SSL certificate. The regional value, if available, overrides this default value for the specified region. string Yes
regions Object containing the regions for which there is a regional sslCertificate value. Array of objects No
regions.<region> Two-letter code for the geographic region such as NA/EU/FE. enum Yes, if regions is present.
regions.<region>.sslCertificate Regional SSL certificate value for the specified region that overrides the default SSL certificate value. enum Yes, if regions is present.

Response

If successful, the API returns 204 No Content.

Exceptions

CodeMessage
400 Bad Request.
The payload for the SSL certificate is invalid.
401You do not have permissions to access this resource.
404The specified skill does not exist.
429Too many requests.
500Internal Service Error.
503Service Unavailable.

Get the associated SSL certificates for skill endpoints

Use the GET operation to get the SSL certificate sets currently associated with this skill. Each set consists of one SSL certificate blob associated with a region, as well as the default certificate for the skill.

Request

GET /v1/skills/{skillId}/sslCertificateSets/~latest

Parameters

Field Description Parameter Type Required?
skillId Unique identifier of skill. Path Yes

Response

If successful, the API returns 200 Success with the following payload, with the applicable regions represented.

{
  "sslCertificate": "{certificateValue}",
  "regions": {
    "NA": {
      "sslCertificate": "{certificateValue}"
    },
    "EU": {
      "sslCertificate": "{certificateValue}"
    },
    "FE": {
      "sslCertificate": "{certificateValue}"
    }
  }
}

Parameters

Field Description Parameter
Type
Required?
sslCertificate Default value of the SSL certificate. The regional value, if available, overrides this default value for the specified region. string Yes
regions Object containing the regions for which there is a regional sslCertificate value. Array of objects No
regions.<region> Two-letter code for the geographic region such as NA/EU/FE. enum Yes, if regions is present.
regions.<region>.sslCertificate Regional SSL certificate value for the specified region that overrides the default SSL certificate value. enum Yes, if regions is present.

Exceptions

CodeMessage
401You do not have permissions to access this resource.
404The specified skill or SSL certificate does not exist.
429Too many requests.
500Internal Service Error.
503Service Unavailable.

Was this page helpful?

Last updated: Nov 29, 2023