algorithms

List of message digest algorithms to be used.

Supported algorithms:

  • MD5 default, for backward compatibility (deprecated, avoid it in production)

  • MD5-sess session variant, deprecated

  • SHA-256 recommended minimum for production use

  • SHA-256-sess session variant

  • SHA-512-256 recommended for new implementations (provides the strongest security)

  • SHA-512-256-sess session variant with the strongest security

When multiple algorithms are configured, the server will send multiple WWW-Authenticate headers, one per algorithm, allowing the client to choose.

Report a problem