diff --git a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/IssuerDBSAML.pm b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/IssuerDBSAML.pm
index f4d8ef602..82212bf99 100644
--- a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/IssuerDBSAML.pm
+++ b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/IssuerDBSAML.pm
@@ -232,10 +232,14 @@ sub issuerForUnAuthUser {
 $self->lmLog( "Set $relaystate in RelayState", 'debug' );
 }
- # Logout response
- unless ( $self->buildLogoutResponseMsg($logout) ) {
- $self->lmLog( "Unable to build SLO response", 'error' );
- return PE_ERROR;
+ # Signature
+ my $signSLOMessage =
+ $self->{samlSPMetaDataOptions}->{$spConfKey}
+ ->{samlSPMetaDataOptionsSignSLOMessage};
+
+ unless ($signSLOMessage) {
+ $self->lmLog( "Do not sign this SLO response", 'debug' );
+ return PE_ERROR unless ( $self->disableSignature($logout) );
 }
 # Send logout response
@@ -683,6 +687,16 @@ sub issuerForAuthUser {
 # Set response assertion
 $login->response->Assertion(@response_assertions);
+ # Signature
+ my $signSSOMessage =
+ $self->{samlSPMetaDataOptions}->{$spConfKey}
+ ->{samlSPMetaDataOptionsSignSSOMessage};
+
+ unless ($signSSOMessage) {
+ $self->lmLog( "Do not sign this SSO response", 'debug' );
+ return PE_ERROR unless ( $self->disableSignature($login) );
+ }
+
 # Build SAML response
 $protocolProfile = $login->protocolProfile();
@@ -942,6 +956,16 @@ sub issuerForAuthUser {
 'debug' );
 }
+ # Signature
+ my $signSLOMessage =
+ $self->{samlSPMetaDataOptions}->{$spConfKey}
+ ->{samlSPMetaDataOptionsSignSLOMessage};
+
+ unless ($signSLOMessage) {
+ $self->lmLog( "Do not sign this SLO response", 'debug' );
+ return PE_ERROR unless ( $self->disableSignature($logout) );
+ }
+
 # Send logout response. The process could be stopped here, if no
 # there are no providers to wait for logout via HTTP-REDIRECT
 # method.
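Review bot: The hunk deletes the `buildLogoutResponseMsg($logout)` call and its error log, so in issuerForUnAuthUser nothing visible builds the SLO response before the `# Send logout response` step; the two sibling hunks in issuerForAuthUser insert the same signature block without dropping a build call, which makes this deletion look unintended. Unless the send step builds the message itself (not visible here), the SP receives an unbuilt or stale response. Since disabling the signature must happen before the message is built, I would keep the build after the new block: `unless ( $self->buildLogoutResponseMsg($logout) ) { $self->lmLog( "Unable to build SLO response", 'error' ); return PE_ERROR; }`. The enclosing sub issuerForUnAuthUser starts and ends outside the hunk.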
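Review bot: `unless ($signSSOMessage)` treats an absent or undefined `samlSPMetaDataOptionsSignSSOMessage` exactly like an explicit 0, so any SP whose metadata options do not carry the key (for instance a configuration written before this option existed) silently gets an unsigned SSO response, which is the wrong direction to fail in for the message that carries the assertion. Unless the configuration layer guarantees a populated default for every SP, I would only disable signing on an explicit opt-out: `if ( defined $signSSOMessage && !$signSSOMessage ) {`. The same undef-as-false reading applies to the two SLO hunks in this file. The enclosing sub issuerForAuthUser starts and ends outside the hunk.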
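Review bot: When `disableSignature($logout)` fails, `return PE_ERROR unless ( $self->disableSignature($logout) );` returns without any error-level log; the only message on that path is the preceding debug line, so an operator sees a failed logout with nothing in the log at the default level, whereas the surrounding code logs its build failures at 'error'. I would split the guard: `unless ( $self->disableSignature($logout) ) { $self->lmLog( "Unable to disable signature on SLO response", 'error' ); return PE_ERROR; }`. The enclosing sub issuerForAuthUser starts and ends outside the hunk.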
diff --git a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_SAML.pm b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_SAML.pm
index 386071d71..a9df75700 100644
--- a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_SAML.pm
+++ b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_SAML.pm
@@ -2069,8 +2069,9 @@ sub sendLogoutRequestToServiceProvider {
 return ( 0, undef, undef );
 }
- # Get SP Name from EntityID
+ # Get SP Name and Conf Key from EntityID
 my $providerName = $self->{_spList}->{$providerID}->{name};
+ my $spConfKey = $self->{_spList}->{$providerID}->{confKey};
 # Get first HTTP method
 my $protocolType = Lasso::Constants::MD_PROTOCOL_TYPE_SINGLE_LOGOUT;
@@ -2082,6 +2083,17 @@ sub sendLogoutRequestToServiceProvider {
 # Fix a default value for the relay parameter
 $relay = 0 unless ( defined $relay );
+ # Signature
+ my $signSLOMessage =
+ $self->{samlSPMetaDataOptions}->{$spConfKey}
+ ->{samlSPMetaDataOptionsSignSLOMessage};
+
+ unless ($signSLOMessage) {
+ $self->lmLog( "Do not sign this SLO request", 'debug' );
+ return ( 0, undef, undef )
+ unless ( $self->disableSignature($logout) );
+ }
+
 # Build the request unless this is a SOAP relay logout request
 unless ( $method == Lasso::Constants::HTTP_METHOD_SOAP && $relay ) {
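Review bot: The lookup `$self->{samlSPMetaDataOptions}->{$spConfKey}->{samlSPMetaDataOptionsSignSLOMessage}` is keyed by the `confKey` read in the previous hunk, and if that entry or the option is missing the value is undef, which `unless ($signSLOMessage)` cannot tell apart from an explicit 0; an incompletely configured SP therefore receives an unsigned logout request, and the failure of `disableSignature` on the next lines is returned as `( 0, undef, undef )` with no error-level log. This is the fourth copy of the same lookup-and-disable block across the two files, so I would move it into one private helper that disables the signature only on an explicit opt-out and logs a disable failure at 'error', and call it from each of the four sites. The enclosing sub sendLogoutRequestToServiceProvider starts and ends outside the hunk.
```perl
    # … unchanged: relay default …

    # Signature: sign unless the SP explicitly opted out
    return ( 0, undef, undef )
      unless ( $self->_applySignaturePolicy( $logout, $spConfKey,
            'samlSPMetaDataOptionsSignSLOMessage', 'SLO request' ) );

    # … unchanged: request build …

# Disable the signature on $msg when the SP option $option is defined and
# false. Returns true when nothing had to be done or the signature was
# disabled, false when disableSignature failed (already logged at 'error').
sub _applySignaturePolicy {
    my ( $self, $msg, $spConfKey, $option, $what ) = @_;
    my $sign = $self->{samlSPMetaDataOptions}->{$spConfKey}->{$option};
    return 1 if ( !defined $sign || $sign );
    $self->lmLog( "Do not sign this $what", 'debug' );
    return 1 if ( $self->disableSignature($msg) );
    $self->lmLog( "Unable to disable signature on $what", 'error' );
    return 0;
}
```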