XML signatures that use SHA-1 based digest or signature algorithms have been disabled by default. SHA-1 is no longer a recommended algorithm for digital signatures. If necessary, and at their own risk, applications can workaround this policy by modifying the `jdk.xml.dsig.secureValidationPolicy` security property and re-enabling the SHA-1 algorithms.