Okta SAML issue - 400 Error - certificate issue?

Hi there,
I am having an issue with Okta and Azure AD with the following.
I verified the configuration multiple times both side, all certificates are fine.

but I still have the following issue
Unable to validate incoming SAML Assertion: [_540628xx-d2ea-4454-8b20-4759e46eac00] - The digital signature in the SAML response did not validate with the Identity Provider’s certificate

Any idea what it could be ?

Thank you !

I recommend posting this to the community forums which will have more expertise in this area.