cancel
Showing results for 
Search instead for 
Did you mean: 
Security Alert Log4j Security Vulnerability. Click here to know more.
cancel
Showing results for 
Search instead for 
Did you mean: 

TWX failed "The security strength of SHA-1 digest algorithm is not sufficient for this key size"

taruchamy
9-Granite

TWX failed "The security strength of SHA-1 digest algorithm is not sufficient for this key size"

Dear Experts, 

 

Once after configuring TWX with Azure SSO - sso-settings.json, symmetric etc., and launching thingworx - If fails with error "The security strength of SHA-1 digest algorithm is not sufficient for this key size"

 

Anyone have came across this error ? - 

 

TWX : 9.1

WC : 11.1

Azure

 

Security log :

 

2021-10-06 13:25:27.982+0000 [L: ERROR] [O: S.c.t.s.a.AuthenticationFilter] [I: ] [U: ] [S: ] [P: ] [T: http-nio-8080-exec-6] Could not handle request
2021-10-06 13:25:27.982+0000 [L: ERROR] [O: S.c.t.s.a.AuthenticatorExceptionHandler] [I: ] [U: ???] [S: ] [P: ] [T: http-nio-8080-exec-6] errorMessage: [Unauthorized], statusCode: [401]
2021-10-06 13:25:27.982+0000 [L: ERROR] [O: S.c.t.s.a.AuthenticatorExceptionHandler] [I: ] [U: ???] [S: ] [P: ] [T: http-nio-8080-exec-6] [ org.opensaml.ws.message.encoder.MessageEncodingException: Unable to sign URL query string ][ Unable to sign URL query string ][ Error during signature generation ][ The security strength of SHA-1 digest algorithm is not sufficient for this key size ]

 

 

1 ACCEPTED SOLUTION

Accepted Solutions
slangley
23-Emerald I
(To:taruchamy)

Hi @taruchamy.

 

Is doesn't sound like it's supported: https://stackoverflow.com/questions/60336224/azure-devops-removed-sha1-support

 

Regards.

 

--Sharon

 

 

View solution in original post

1 REPLY 1
slangley
23-Emerald I
(To:taruchamy)

Hi @taruchamy.

 

Is doesn't sound like it's supported: https://stackoverflow.com/questions/60336224/azure-devops-removed-sha1-support

 

Regards.

 

--Sharon

 

 

View solution in original post

Announcements