From 814852ca0773377e3ddcef062b99ed975abcd20a Mon Sep 17 00:00:00 2001 From: Hynek Mlnarik Date: Tue, 8 Nov 2016 08:09:50 +0100 Subject: [PATCH] KEYCLOAK-3215 Add description of fallback option --- topics/MigrationFromOlderVersions.adoc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/topics/MigrationFromOlderVersions.adoc b/topics/MigrationFromOlderVersions.adoc index b524398806..2df8dc1550 100644 --- a/topics/MigrationFromOlderVersions.adoc +++ b/topics/MigrationFromOlderVersions.adoc @@ -170,6 +170,9 @@ The version specific section below will mention if any changes are required to a Key in SAML assertions and documents are now encrypted using RSA-OAEP encryption scheme. If you want to use encrypted assertions, make sure that service providers understand this encryption scheme. +In the unlikely case that SP would not be able to handle the new scheme, {{book.project.name}} +can be made to use legacy RSA-v1.5 encryption scheme when started with system property +`keycloak.saml.key_trans.rsa_v1.5` set to `true`. ==== Migrating to 2.3.0