search cancel

Singing algorithm is coming as SHA1 in Metadata export even though we select SHA256 in Entity/Partnership


Article ID: 4732


Updated On:


CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On


We could see that Singing algorithm is coming as SHA1 in Metadata even though we select SHA256 in Entity/Partnership. 


<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" ID="SM278b11a41bf75c62634a3aa72fb940bc66a60c4186" entityID="sharuIDP" validUntil="2016-05-09T14:04:49.430+00:00"> 

<ds:Signature xmlns:ds=""> 


<ds:CanonicalizationMethod Algorithm="" /> 

<ds:SignatureMethod Algorithm="" /> 

<ds:Reference URI="#SM278b11a41bf75c62634a3aa72fb940bc66a60c4186"> 


<ds:Transform Algorithm="" /> 

<ds:Transform Algorithm="" /> 


<ds:DigestMethod Algorithm="" /> 





R12.51 and R12.52 SP1


We were not passing selected signing algorithm while exporting meta data. So it is taking default signing algorithm as SHA1 while exporting meta data. This is a defect Identified in R12.51 CR04


This Defect is fixed in r12.52 SP1 CR05 and r12.51 CR10

Kindly upgrade your policy server and adminui to the above mentioned versions to get the fix.

Additional Information