Make SHA256 the default signature method for SAML
Using SHA-1 by default forces a lot of SaaS applications (and MS ADFS) to enable workarounds so they can interact with LLNG. #2319 (closed) means we can be more aggressive with the default config without sacrificing backwards compatibility.
This change will only affect new installations
Every distro starting from xenial, stretch and centos7 (with our own lasso packages) should be compatible