https://live.paloaltonetworks.com/t5/prisma-access-discussions/decryption-profile-what-does-not-selecting-an-auth-algorithm/m-p/562756#M605 <P>Hello,</P> <P>Our internal security team is suggesting we disable SHA1 as an authentication algorithm for our decryption profile we attach to our prisma access users. My question is, if I do uncheck that box under Objects &gt; decryption &gt; decryption profile &gt; Authentication Algorithms, what acutally happens? I did this for a new profile that I'm tieing to just my user in Prisma, and I can still go to a website badssl.com and click the sites that used SHA1 somewhere in the cert and the pages still load. I was under the impression removing that auth algorithm would block traffic to sites that used SHA1.</P> Mon, 23 Oct 2023 13:34:53 GMT TravisFleming 2023-10-23T13:34:53Z https://live.paloaltonetworks.com/t5/prisma-access-discussions/decryption-profile-what-does-not-selecting-an-auth-algorithm/m-p/562756#M605 <P>Hello,</P> <P>Our internal security team is suggesting we disable SHA1 as an authentication algorithm for our decryption profile we attach to our prisma access users. My question is, if I do uncheck that box under Objects &gt; decryption &gt; decryption profile &gt; Authentication Algorithms, what acutally happens? I did this for a new profile that I'm tieing to just my user in Prisma, and I can still go to a website badssl.com and click the sites that used SHA1 somewhere in the cert and the pages still load. I was under the impression removing that auth algorithm would block traffic to sites that used SHA1.</P> Mon, 23 Oct 2023 13:34:53 GMT https://live.paloaltonetworks.com/t5/prisma-access-discussions/decryption-profile-what-does-not-selecting-an-auth-algorithm/m-p/562756#M605 TravisFleming 2023-10-23T13:34:53Z