Idea ID 1682296
We want to implement SAML in our OO environment. During a POC we encountered a problem related to the hashing of OO's meta data XML. The default hashing method is SHA1. Because SHA1 isn't allowed by company policy we want to change the hashing method to SHA256.
One way to achieve this is to install OO as "FIPS140-2" compliant. A big disadvantage of FIPS140-2 compliancy is that the one and only fallback scenario is a whole new clean OO installation. Besides that we're currently encountering some issues during the FIPS compliant POC installation. After installing OO as FIPS compliant (using the MF documentation) the hashing of the meta data XML is still SHA1.
In the URL below I found a much more easier possible solution but this solution requires some modification in a JAR file. We obviously cant modify this JAR file ourselves.
We would like to be able to configure the hashing mechanism (SHA1 or SHA256) of the meta data XML ourselves. For example using a configuration file which we can modify. Can you help us with that?
Thijs de With
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.