...
Whether the Shibboleth SP can consume a message signed with an algorithm other than SHA-1 depends on the underlying OpenSSL library. On RedHat version 4 (a very old, unsupported version) the OpenSSL version is old enough (0.9.7) that it cannot consume messages signed, for example, with any of the digest algorithms collectively known as SHA-2 (SHA-224, SHA-256, SHA-384 or SHA-512). The OpenSSL version cutoff point is SHA-2 support was introduced into OpenSSL with version 0.9.78.
A particularly difficult platform to assess is Solaris, and a lot of commercial vendors use it. Many different versions of OpenSSL may be in use depending on how open source software is managed in a particular Solaris environment. Heavy testing is recommended.
...