Question:
Is SHA-2 functionality supported in Vault?
Answer:
Yes. SHA-2 functionality is supported in Vault by selecting the SHA-256 option in the Vault SAML Profile.
The recommended way to test this is as follows:
- Create a new SAML Profile that uses the SHA-256 algorithm.
- Load the new certificate into a test environment on the customer's internal network.
- Point the new SAML profile to this certificate.
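One check that can follow the steps above, added here as an example and not part of Vault's documentation or product: after a test login through the new profile, inspect the captured SAML message and confirm that every signature and digest algorithm it declares is SHA-256. It assumes the message is a base64-encoded `SAMLResponse` value from the HTTP-POST binding; the function names and the sample message are constructed for illustration.

```python
import base64
import xml.etree.ElementTree as ET

DS = "{http://www.w3.org/2000/09/xmldsig#}"
RSA_SHA1 = "http://www.w3.org/2000/09/xmldsig#rsa-sha1"
RSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
ECDSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"
DIGEST_SHA256 = "http://www.w3.org/2001/04/xmlenc#sha256"
ALLOWED = {
    "SignatureMethod": {RSA_SHA256, ECDSA_SHA256},
    "DigestMethod": {DIGEST_SHA256},
}


def audit_saml_algorithms(b64_message):
    """Return (ok, findings) for the XML signatures in a base64 SAML message.

    findings is a list of (element, algorithm URI, is_sha256) tuples.
    ok is False when any algorithm is not SHA-256 or nothing is signed.
    """
    xml_text = base64.b64decode(b64_message).decode("utf-8")
    if "<!DOCTYPE" in xml_text:
        # SAML messages never need a DTD; refuse instead of expanding entities.
        raise ValueError("DTD found in SAML message, refusing to parse")
    root = ET.fromstring(xml_text)
    findings = []
    for signature in root.iter(DS + "Signature"):
        for tag, allowed in ALLOWED.items():
            for element in signature.iter(DS + tag):
                algorithm = element.get("Algorithm", "")
                findings.append((tag, algorithm, algorithm in allowed))
    ok = bool(findings) and all(is_sha256 for _, _, is_sha256 in findings)
    return ok, findings


def build_sample(signature_alg, digest_alg):
    """Constructed sample shaped like a signed SAML Response (no real values)."""
    xml = (
        '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">'
        '<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo>'
        f'<ds:SignatureMethod Algorithm="{signature_alg}"/>'
        f'<ds:Reference URI="#_constructed"><ds:DigestMethod Algorithm="{digest_alg}"/>'
        "</ds:Reference></ds:SignedInfo></ds:Signature></samlp:Response>"
    )
    return base64.b64encode(xml.encode("utf-8")).decode("ascii")


if __name__ == "__main__":
    for sig_alg in (RSA_SHA256, RSA_SHA1):
        print(audit_saml_algorithms(build_sample(sig_alg, DIGEST_SHA256)))
```

The check reads only the algorithm identifiers the message declares; it does not validate the signature against the certificate.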
Related Documentation:
Vault Single Sign-On Documentation: About Signature & Digest Algorithm