I also only get SHA1 signed receipts. What's worse is that my recently published app update seems to fail for some users during IAP receipt validation, presumably due to my incorrect SHA256 handling. I'm not even able to reproduce this error in a sandbox environment!
sergioko
Users receive reputation points by contributing quality content to the forums.
Posts include post and replies published on the forums.
Post authors can mark replies as Accepted to indicate successful solutions.
Apple Developer Forums admins can mark replies as Apple Recommended to indicate an approved solution