AES256-CBC for encryption?
Wessel, Keith
kwessel at illinois.edu
Mon May 13 12:10:22 EDT 2019
Sadly, no, no duplicate metadata for these guys. That would have been an easy fix.
I'm assuming this part of the encrypted assertion block in the response is what we care about?
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" />
Are there any relying party or security configuration settings I might have that you don't that would prevent the IdP from honoring the encryption method in metadata?
Thanks,
Keith
-----Original Message-----
From: users <users-bounces at shibboleth.net> On Behalf Of Cantor, Scott
Sent: Monday, May 13, 2019 10:44 AM
To: Shib Users <users at shibboleth.net>
Subject: Re: AES256-CBC for encryption?
I tested using exactly your example, it worked fine. Maybe you hadn't reloaded the metadata or there's a duplicate somewhere.
-- Scott
--
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
More information about the users
mailing list