Forum Discussion

Altostratus

Oct 13, 2015

SSO signature algorithm

I am in the midst of configuring SSO on APM (11.6) with F5 as IdP. In my exported metadata I see http://www.w3.org/2000/09/xmldsigrsa-sha1" /> This caused some heartache for the SP. When exporting m...

BIG-IP Access Policy Manager (APM)

Altocumulus

Oct 13, 2015

Signing algorithm is not configurable for exported signed metadata. According to metadata specification, rsa-sha1 should be supported by all implementations:

3.1.1 Signing Formats and Algorithms SAML metadata MUST use enveloped signatures when signing the elements defined in this specification. SAML processors SHOULD support the use of RSA signing and verification for public key operations in accordance with the algorithm identified by http://www.w3.org/2000/09/xmldsigrsa-sha1.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)