Security
Highlighted

How to probably configure Splunk to set authnrequests to be signed by SHA-256 signature algorithm?

New Member

Hello, I'm trying to set the authnrequests to be signed by a sha256 cert, as that's a requirement of my ldp for SAML. However, when I look at the SAML trace, it looks like it's still getting sent as a SHA1:

   <SignedInfo>
        <CanonicalizationMethod 
            Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
        <SignatureMethod 
            Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>

My authentication.conf file shows it as rsa-sha256 though:

signAuthnRequest = true
signatureAlgorithm = RSA-SHA256
signedAssertion = true
sloBinding = HTTPPost

Anybody know what I'm missing?

0 Karma
Highlighted

Re: How to probably configure Splunk to set authnrequests to be signed by SHA-256 signature algorithm?

Builder

signatureAlgorithm = RSA-SHA256

Check out the authentication.conf spec:

signatureAlgorithm = RSA-SHA1 | RSA-SHA256
* This setting is applicable only for redirect binding.

I think the binding is HTTP Post by default. Check your SAML config:

alt text

Try changing it to HTTP Redirect (if your IdP supports it).

View solution in original post

0 Karma