Change SHA1 to other algorithm as default signature digest for (Non-soap) Sign XML Element assertion and Build SAML Protocol Response assertions
search cancel

Change SHA1 to other algorithm as default signature digest for (Non-soap) Sign XML Element assertion and Build SAML Protocol Response assertions

book

Article ID: 244713

calendar_today

Updated On:

Products

CA API Gateway

Issue/Introduction


Are there ways to enable SHA256 or others algorithm in the 'Create SAML Token' or in the 'Build SAML Protocol Response'? Or is there an option to make SHA-256 as default signature digest for (Non-soap) Sign XML Element assertion and Build SAML Protocol Response assertions? 
We are facing an issue building SAML responses with GWs, because there is only the SHA1 option and it is deprecated.

Environment

Release : 10.x

Component :

Resolution

Setting CWP "wss.decorator.digsig.messagedigest" to SHA-256 changed the response algorithms accordingly

https://api-broadcom-ca.wolkenservicedesk.com/attachment/get_attachment_content?uniqueFileId=ObGwg+D7zE5K+bOdtksXXw==

 

Powered by Wolken Software