We’re in the process of upgrading our integration from SAML v2.0 for .NET version 2.5.0.19 to 2.6.0.16. We’ve gotten through the saml.config changes necessary but are running into an oddity. Our asp.net 3.5 application is throwing the exception “System.Security.Cryptography.CryptographicException: SignatureDescription could not be created for the signature algorithm supplied.” on InitiateSSO.
This 1. worked on 2.5.0.19 and 2. it’s a SHA-1 certificate in use.
Since v2.6.0.14, we default to SHA-256 rather than SHA-1. This is in keeping with the general industry move to SHA-256.
We still support SHA-1 but you have to specify this, as described in the following post.
http://www.componentspace.com/Forums/5316/SHA1-vs-SHA256-XML-signatures
[quote][/quote]
Since v2.6.0.14, we default to SHA-256 rather than SHA-1. This is in keeping with the general industry move to SHA-256.
We still support SHA-1 but you have to specify this, as described in the following post.
http://www.componentspace.com/Forums/5316/SHA1-vs-SHA256-XML-signatures
We still support SHA-1 but you have to specify this, as described in the following post.
http://www.componentspace.com/Forums/5316/SHA1-vs-SHA256-XML-signatures
Thanks. Your XSD is updated but the documentation at http://www.componentspace.com/Documentation/SAML%20v2.0%20Developer%20Guide.pdf page 23 and other references still identify SHA1 as the default.
Thanks for pointing this out.
I’ll see that it’s updated.