diff --git a/aws/rust-runtime/aws-sigv4/src/http_request/canonical_request.rs b/aws/rust-runtime/aws-sigv4/src/http_request/canonical_request.rs
index 8bd0e0b9313..c9582252d7f 100644
--- a/aws/rust-runtime/aws-sigv4/src/http_request/canonical_request.rs
+++ b/aws/rust-runtime/aws-sigv4/src/http_request/canonical_request.rs
@@ -507,9 +507,10 @@ mod tests {
     };
     use crate::http_request::{SignatureLocation, SigningParams};
     use crate::sign::sha256_hex_string;
-    use http::HeaderValue;
     use http::Uri;
+    use http::{header::HeaderName, HeaderValue};
     use pretty_assertions::assert_eq;
+    use proptest::prelude::*;
     use proptest::proptest;
     use std::time::Duration;
 
@@ -707,6 +708,45 @@ mod tests {
         );
     }
 
+    proptest! {
+       #[test]
+       fn presigning_header_exclusion_with_explicit_exclusion_list_specified(
+           mut included_headers in prop::collection::vec("[a-z]{1,20}", 1..10),
+           excluded_headers in prop::collection::vec("[a-z]{1,20}", 1..10),
+       ) {
+            let mut request_builder =
+                http::Request::builder().uri("https://some-endpoint.some-region.amazonaws.com");
+            for key in included_headers.iter().chain(excluded_headers.iter()) {
+                request_builder = request_builder.header(key, "value");
+            }
+            let request = request_builder.body("").unwrap();
+
+            let request = SignableRequest::from(&request);
+
+            let settings = SigningSettings {
+                signature_location: SignatureLocation::QueryParams,
+                expires_in: Some(Duration::from_secs(30)),
+                excluded_headers: Some(
+                    excluded_headers
+                        .into_iter()
+                        .map(|header_string| {
+                            HeaderName::from_static(Box::leak(header_string.into_boxed_str()))
+                        })
+                        .collect(),
+                ),
+                ..Default::default()
+            };
+
+            let signing_params = signing_params(settings);
+            let canonical = CanonicalRequest::from(&request, &signing_params).unwrap();
+
+            let values = canonical.values.into_query_params().unwrap();
+            included_headers.push("host".to_owned());
+            included_headers.sort_unstable();
+            assert_eq!(included_headers.join(";"), values.signed_headers.as_str());
+        }
+    }
+
     #[test]
     fn test_trim_all_handles_spaces_correctly() {
         // Can't compare a byte array to a Cow so we convert both to slices before comparing