Welcome Dialog

Welcome to the Community!

We have a brand new look! Take a tour with us and explore the latest updates on Adobe Support Community.


Discontinued Support of Deprecated SHA-1 IdP Configurations

Adobe Employee ,
Jul 22, 2020 Jul 22, 2020

Copy link to clipboard

Copied

As of October 31, 2020, Adobe discontinued support of deprecated SHA-1 configurations for federated directories within Adobe Admin Consoles. If your organization has one or more federated directories utilizing a deprecated SHA-1 certificate, or a directory that was converted as part of the SHA-256 Pilot, you must immediately migrate to prevent impact to end user access of Adobe products and services.

 

Migration of federated directories to SHA-256 protocol aligns with industry standard, providing a more secure and direct integration with Adobe of your directory's authentication profiles. A self-service feature is available in the Adobe Admin Console that allows your organization to seamlessly migrate from a SHA-1 to a SHA-256 configuration requiring no down time and the ability to test prior to integration. With this solution, you can leverage the same directory  as well as integrate directly with your identity provider, such as Azure, Google or any SAML 2.0 provider. Within the Admin Console, any directories with a SHA-1 or SHA-256 Pilot certificate are now indicated with an icon and banner notification to alert your administrators to which directories require an update.

 

Example of a SHA-1 deprecated configurationExample of a SHA-1 deprecated configuration

 

Visit Adobe's Enterprise Administration User Guide to learn more about the self-service feature and steps to complete the required update. Enterprise customers can also input a support ticket via the Adobe Admin Console for assistance with the migration.

TOPICS
Admin console, Enterprise, Identity and SSO

Views

2.1K

Likes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Aug 06, 2020 Aug 06, 2020

Copy link to clipboard

Copied

LATEST

Does the update require the IDP to generate a new cert/keypair or the metadta change is on the Adobe as a SP ?

Likes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines