When an application tries to ping the OIA hub, the certificate listed uses both SHA-1 and SHA-256. The security settings and accepted hash algorithms don't include SHA-1 and on ping out the call fails as it is not sufficient for our hash algorithm requirements.