It is forbidden to use algorithm http://www.w3.org/2000/09/xmldsig#rsa-sha1 when secure validation is enabled #2957
Comments
# for free
to join this conversation on GitHub.
Already have an account?
# to comment
{{ message }}
It is forbidden to use algorithm http://www.w3.org/2000/09/xmldsig#rsa-sha1 when secure validation is enabled
Description
While working on a project where i need to migrate code base from java 8 to java21.
Some test cases are failing with these error
javax.xml.crypto.MarshalException: It is forbidden to use algorithm http://www.w3.org/2000/09/xmldsig#rsa-sha1 when secure validation is enabled
After that i made changes to java.security file to enable it i made below changes:
jdk.xml.dsig.secureValidationPolicy= maxTransforms 5,\ maxReferences 30,\ disallowReferenceUriSchemes file http https,\ minKeySize RSA 1024,\ minKeySize DSA 1024,\ minKeySize EC 224,\ noDuplicateIds,\ noRetrievalMethodLoopsAfter that some test cases ran successfully but for one test class getting this error
javax.xml.crypto.dsig.XMLSignatureException: cannot find validation keyfor xml file digital signature not working.I totally blocked here Don't know what i can do next.I can't update Algo to higher version like RSA256 .I want to enable rsa-sha1.
Any Help will be appreciated.
Is this a question about how to use FusionAuth? Please consider posting on the FusionAuth forum instead.
Community guidelines
All issues filed in this repository must abide by the FusionAuth community guidelines.
The text was updated successfully, but these errors were encountered: