Symptom
- When SSO BizX will upgrade the certificate based on SHA1?
- Is Single Sign On be upgraded from SHA1 to SHA256?
- Is there any security concern if I continue to use SHA1?
Environment
SAP SuccessFactors HXM Suite
Resolution
SAP SuccessFactors is recommending customers to migrate to IAS (SAP Cloud Platform Identity Authentication Service) since this authentication method already is based on SHA256.
Benefits of Using SAP Cloud Platform Identity Authentication
How to enable IAS?
Please, follow the KBA 2791410 - How to integrate SuccessFactors with SAP Cloud Identity Authentication (IAS) through Upgrade Center
You can also check our Community to further and additional information.
When SSO BizX will upgrade the certificate based on SHA1?
We have a plan to support SHA-256 certificate for SuccessFactors IdP in the upcoming release and it is in our roadmap.
For customer SSO, customer should choose IAS integration as it offers option for SHA-1 and SHA-256.
Is there any security concern if I continue to use SHA1?
Currently, SuccessFactors uses self-signed SHA-1 certificate for SuccessFactors IdP for internal application communication. Since the certificate is self-signed, it is not validated, so there is no security concern.
Keywords
sso, SAML 2.0, update, cert, SHA-1, SHA-256 , KBA , LOD-SF-PLT-SAM , SAML SSO First Time Setup , Product Enhancement