Download

Werk #15671: SAML: use RSA-SHA256 to sign authentication requests

Komponente Setup, site management
Titel SAML: use RSA-SHA256 to sign authentication requests
Datum 24.04.2023
Checkmk Edition Checkmk Enterprise (CEE)
Checkmk-Version 2.2.0b7 2.3.0b1
Level Kleine Änderung
Klasse Neues Feature
Kompatibilität Kompatibel - benötigt kein manuelles Eingreifen

Checkmk would sign its authentication requests with RSA-SHA512. However, some identity providers (e.g. some versions of Microsoft ADFS) do not support any signature algorithms beyond SHA256. As a result, the authentication requests would be rejected with an error message similar to

"Error details: MSIS7093: The message is not signed with expected signature algorithm. Message is signed with signature algorithm http://www.w3.org/2001/04/xmldsig-more#rsa-sha512. Expected signature algorithm http://www.w3.org/2001/04/xmldsig-more#rsa-sha256."

For this reason, Checkmk now uses RSA-SHA256 to sign its authentication requests.

Zur Liste aller Werks

Überzeugen Sie sich selbst

Testen Sie Checkmk jetzt.

Raw Edition herunterladen Kostenloses Open-Source-Monitoring
Play with Checkmk Checkmk ohne Installation ausprobieren
checkmk_conference_10.png

Das Highlight des Jahres: Vom 11. - 13. Juni 2024 kommt die Checkmk Community in München zusammen.

Register now