--- a/saml/univention-saml/listener/univention-saml-simplesamlphp-configuration.py	
+++ a/saml/univention-saml/listener/univention-saml-simplesamlphp-configuration.py	
@@ -182,6 +182,10 @@ def write_configuration_file(dn, new, filename):
 		if new.get('privacypolicyURL'):
 			fd.write("	'privacypolicy'	=> %s,\n" % php_string(new.get('privacypolicyURL')[0]))
 
+		fd.write("	'sign.logout' => true,\n")
+		fd.write("	'saml20.sign.response' => true,\n")
+		fd.write("	'saml20.sign.assertion' => true,\n")
+
 		fd.write("	'authproc' => array(\n")
 		if not metadata:  # TODO: make it configurable
 			# make sure that only users that are enabled to use this service provider are allowed