Solved: Re: TWX failed "The security strength of SHA-1 dig...

taruchamy · ‎Oct 07, 2021

Dear Experts,

Once after configuring TWX with Azure SSO - sso-settings.json, symmetric etc., and launching thingworx - If fails with error "The security strength of SHA-1 digest algorithm is not sufficient for this key size"

Anyone have came across this error ? -

TWX : 9.1

WC : 11.1

Azure

Security log :

2021-10-06 13:25:27.982+0000 [L: ERROR] [O: S.c.t.s.a.AuthenticationFilter] [I: ] [U: ] [S: ] [P: ] [T: http-nio-8080-exec-6] Could not handle request
2021-10-06 13:25:27.982+0000 [L: ERROR] [O: S.c.t.s.a.AuthenticatorExceptionHandler] [I: ] [U: ???] [S: ] [P: ] [T: http-nio-8080-exec-6] errorMessage: [Unauthorized], statusCode: [401]
2021-10-06 13:25:27.982+0000 [L: ERROR] [O: S.c.t.s.a.AuthenticatorExceptionHandler] [I: ] [U: ???] [S: ] [P: ] [T: http-nio-8080-exec-6] [ org.opensaml.ws.message.encoder.MessageEncodingException: Unable to sign URL query string ][ Unable to sign URL query string ][ Error during signature generation ][ The security strength of SHA-1 digest algorithm is not sufficient for this key size ]

slangley · ‎Nov 04, 2021

Hi @taruchamy.

Is doesn't sound like it's supported: https://stackoverflow.com/questions/60336224/azure-devops-removed-sha1-support

Regards.

--Sharon

View solution in original post

slangley · ‎Nov 04, 2021

Hi @taruchamy.

Is doesn't sound like it's supported: https://stackoverflow.com/questions/60336224/azure-devops-removed-sha1-support

Regards.

--Sharon

TWX failed "The security strength of SHA-1 digest algorithm is not sufficient for this key size"

TWX failed "The security strength of SHA-1 digest algorithm is not sufficient for this key size"