1Y0-440 Question #25: Real Exam Question with Answer & Explanation

Scenario: A Citrix Architect has deployed an authentication setup with a ShareFile load-balancing virtual server. The NetScaler is configured as the Service Provider and Portalguard server is utilized as the SAML Identity Provider. While performing the functional testing, the architect finds that after the users enter their credentials on the Portalguard page by Portalguard, they get redirected back to the NetScaler Gateway page at url https://authn/fed/sps/login and receive the following error: "SAML Assertion verification failed. Please contact your administrator." The events in the nslog.log file for the issue are as follows: Feb 23 20:20:21 <loca10.err> 10.148.138.5 23/02/2018:20:20:21 GMT vorsb1 0-PPE-0 : default AAATM Message 3225369 0 : "SAML : ParseAssertion: parsed attribute NameID, value is nameid" Feb 23 20:20:21 <loca10.err> 10.148.138.5 23/02/2018:20:20:21 GMT vorsb1 0-PPE-0 : default AAATM Message 3225370 0 : "SAML: verify digest: algorithma differ, expected SHA2, found SHA256" Feb 23 20:20:44 <loca10.err> 10.148.138.5 23/02/2018:20:35:44 GMT vorsb1 0-PPE-0 : default AAATM Message 3225373 0 : "SAML : ParseAssertion: parsed attribute NameID, value is nameid" Feb 23 20:20:44 <loca10.err> 10.148.138.5 23/02/2018:20:35:44 GMT vorsb1 0-PPE-0 : default AAATM Message 3225374 0 : "SAML: verify digest: algorithma differ, expected SHA2, found SHA256" Feb 23 20:20:55 <loca10.err> 10.148.138.5 23/02/2018:20:37:55 GMT vorsb1 0-PPE-0 : default AAATM Message 3225378 0 : "SAML : ParseAssertion: parsed attribute NameID, value is nameid" Feb 23 20:20:55 <loca10.err> 10.148.138.5 23/02/2018:20:37:55 GMT vorsb1 0-PPE-0 : default AAATM Message 3225379 0 : "SAML: verify digest: algorithma differ, expected SHA2, found SHA256" What should the architect change in the SAML action to resolve this issue?