diff --git a/powerdnsadmin/models/setting.py b/powerdnsadmin/models/setting.py
index f1185df..b1affc3 100644
--- a/powerdnsadmin/models/setting.py
+++ b/powerdnsadmin/models/setting.py
@@ -138,12 +138,12 @@ class Setting(db.Model):
 'saml_sign_request': False,
 'saml_logout': False,
 'saml_logout_url': 'https://google.com',
- 'saml_assertion_encrypted': True,
+ 'saml_assertion_encrypted': False,
 'saml_digest_algorithm': 'http://www.w3.org/2000/09/xmldsig#rsa-sha1',
 'saml_signature_algorithm': 'http://www.w3.org/2000/09/xmldsig#rsa-sha1',
 'saml_want_assertions_signed': True,
- 'saml_sign_metadata': True,
- 'saml_want_message_signed': True,
+ 'saml_sign_metadata': False,
+ 'saml_want_message_signed': False,
 'saml_metadata_cache_duration': 'PT5M',
 'saml_metadata_valid_until': '',
 'forward_records_allow_edit': {
diff --git a/powerdnsadmin/services/saml.py b/powerdnsadmin/services/saml.py
index 8161ad1..32fe098 100644
--- a/powerdnsadmin/services/saml.py
+++ b/powerdnsadmin/services/saml.py
@@ -170,12 +170,12 @@ class SAML(object):
 settings['debug'] = Setting().get('saml_debug')
 settings['security'] = {}
 settings['security'][
- 'digestAlgorithm'] = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'
+ 'digestAlgorithm'] = Setting().get('saml_digest_algorithm')
 settings['security']['metadataCacheDuration'] = None
 settings['security']['metadataValidUntil'] = None
 settings['security']['requestedAuthnContext'] = True
 settings['security'][
- 'signatureAlgorithm'] = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'
+ 'signatureAlgorithm'] = Setting.get('saml_signature_algorithm')
 settings['security']['wantAssertionsEncrypted'] = Setting().get('saml_assertion_encrypted')
 settings['security']['wantAttributeStatement'] = True
 settings['security']['wantNameId'] = True
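Review bot: The three values flipped to `False` in powerdnsadmin/models/setting.py (`saml_assertion_encrypted`, `saml_sign_metadata`, `saml_want_message_signed`) sit in what appears to be the fallback defaults table of `Setting`, so the relaxation would apply to every installation that has not stored its own value rather than only to the IdP that needed it. After this change `saml_want_assertions_signed` is the only signature requirement in the visible part of the table that still defaults to `True`. I would either keep `'saml_want_message_signed': True,` and let operators opt out explicitly, or add a comment above these keys such as `# Relaxed for IdPs that cannot sign or encrypt; enable wherever the IdP supports it`. The dict starts and ends outside this hunk, and only `saml_assertion_encrypted` is visibly consumed (as `wantAssertionsEncrypted` in services/saml.py), so how the other two keys reach the SAML toolkit should be confirmed.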
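Review bot: `Setting.get('saml_signature_algorithm')` on the new `signatureAlgorithm` line in powerdnsadmin/services/saml.py is called on the class, while every neighbouring line uses `Setting().get(...)`; if `get` is an ordinary instance method (its definition is outside this hunk) this raises `TypeError` as soon as the SAML settings are built, so the line should read `'signatureAlgorithm'] = Setting().get('saml_signature_algorithm')`. Separately, the defaults shown for both settings in models/setting.py are `http://www.w3.org/2000/09/xmldsig#rsa-sha1`, so an installation on defaults moves from the previously hard-coded RSA-SHA256 to SHA-1, and the digest default is a signature-method URI rather than a digest URI. Consider defaulting to `http://www.w3.org/2001/04/xmlenc#sha256` for the digest and `http://www.w3.org/2001/04/xmldsig-more#rsa-sha256` for the signature, and rejecting stored values outside a short allow-list before they reach `settings['security']`. The enclosing method starts and ends outside this hunk.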