This error message is displayed by simplesaml.php v1.13.2.
The Pac4j
SAML lib has been upgraded from encrypting only in SHA-1
to encrypting SHA-256
signatures and SHA-512
digest. The SHA-512
digest method is poorly supported by this version of simplesaml.
To fix this issue, simplesaml.php
must be updated to at least v1.14.x.
The IdP must be configured to accept SHA-256
and SHA-512
encryption methods.