Hi,

after upgrading IDPs from version 4.2.2 to 4.4, we have problems with some of the SAML SPs.
As far as I can tell, problem is with signature method algorithm.

Before upgrade, SAML response had:
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />

After upgrade, SAML response have:
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />

And we are getting errors like:
System.Security.Cryptography.CryptographicExceptio n: SignatureDescription could not be created for the signature algorithm supplied

I've tried to set "SAML2 SIGN METHODDIGEST SHA256" to false or remove that option, but signature method in SAML response is still rsa-sha256.

Is there any other possibility (like "hidden" setting in web.xml) to change signature method back to rsa-sha1?

Thanks, Sebastijan