How do I know if I am using SHA1 or SHA2 during SP initiated SAML calls?

    Applies to:
      • Legacy SecureAuth IdP
    Deployment model:
      • On Premises
    SecureAuth version affected: N/A


    A customer has an SP-initiated realm, such as Salesforce, but does not know whether the SHA1 or SHA2 certificate is being used to assert their identity. How do we confirm this?



    Programs Required:


    1. [Make sure cache is cleared before proceeding]
    2. Open Firefox and open the SAML-tracer add-on.
    3. Browse to the login page of the service.
    4. Log in to the application; data will start flowing into SAML-tracer.
    5. Look at SAML-tracer. Click on the line for the POST object. Go into the SAML tab. You're looking for the Algorithm attribute of the SignatureMethod tag.
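The same check can be scripted against a captured response. The following is an added example, not SecureAuth code: it reads the SignatureMethod and DigestMethod algorithm URIs from the XML shown in the SAML tab (or from the base64 SAMLResponse form field) and reports which element is signed. The function names and the sample message are constructed for illustration.

```python
import base64
import re
import xml.etree.ElementTree as ET

DS = "{http://www.w3.org/2000/09/xmldsig#}"  # XML-DSig namespace, Clark notation

def hash_family(uri):
    """Map an XML-DSig algorithm URI to 'SHA1', 'SHA2' or 'unknown'."""
    m = re.search(r"sha(1|224|256|384|512)(?!\d)", uri.rsplit("#", 1)[-1].lower())
    if not m:
        return "unknown"
    return "SHA1" if m.group(1) == "1" else "SHA2"

def signature_algorithms(xml):
    """List the algorithms of every ds:Signature in a decoded SAML message."""
    data = xml.encode() if isinstance(xml, str) else xml
    if b"<!DOCTYPE" in data:  # a DTD is not expected in a SAML message; refuse it
        raise ValueError("unexpected DOCTYPE in SAML message")
    results = []
    for parent in ET.fromstring(data).iter():
        for sig in parent.findall(DS + "Signature"):
            sm = sig.find(f"{DS}SignedInfo/{DS}SignatureMethod")
            dm = sig.find(f"{DS}SignedInfo/{DS}Reference/{DS}DigestMethod")
            sm_uri = sm.get("Algorithm", "") if sm is not None else ""
            dm_uri = dm.get("Algorithm", "") if dm is not None else ""
            results.append({
                "signed_element": parent.tag.rsplit("}", 1)[-1],  # Response or Assertion
                "signature_method": sm_uri,
                "signature_hash": hash_family(sm_uri),
                "digest_hash": hash_family(dm_uri),
            })
    return results

def from_post_value(saml_response_b64):
    """Same check, starting from the base64 SAMLResponse form field of the POST."""
    return signature_algorithms(base64.b64decode(saml_response_b64))

# Constructed sample (not a real capture): an assertion signed with RSA-SHA1.
SAMPLE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
 <saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <ds:Signature><ds:SignedInfo>
   <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
   <ds:Reference><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/></ds:Reference>
  </ds:SignedInfo></ds:Signature></saml:Assertion></samlp:Response>"""

if __name__ == "__main__":
    for row in from_post_value(base64.b64encode(SAMPLE.encode())):
        print(row)
```

An Algorithm value ending in `rsa-sha1` means the SHA1 signature is in use; `rsa-sha256` (or another SHA-2 variant) means SHA2.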



    SecureAuth Knowledge Base Articles provide information based on specific use cases and may not apply to all appliances or configurations. Be advised that these instructions could cause harm to the environment if not followed correctly or if they do not apply to the current use case.

    Customers are responsible for their own due diligence prior to utilizing this information and agree that SecureAuth is not liable for any issues caused by misconfiguration directly or indirectly related to SecureAuth products.
