Using mutual SSL and TLS authentication
In addition to Basic authentication, applications may use client-certificate authentication to communicate with PingFederate and the ReferenceID Adapter. To use this authentication for PingFederate 6.x and higher, the secondary SSL port must be configured, and application calls must use this port.
Your server may already be configured to use the secondary port for other back-channel SSO scenarios (for example, using SOAP). If not, follow this procedure:
- In the
<pf-install>/pingfederate/bin directory, open the file
run.properties and change the pf.secondary.https.port value from
-1 to a
valid port number.
For more information about this property and related configuration
settings, see PingFederate properties in the
PingFederate Administrator’s Manual.
- Start or restart PingFederate.
- Parent Topic
Capability > Single Sign On; Hosting Environment > On-Premises; Product > Adapters and Integration Kits; Product > Adapters and Integration Kits > Integration Kits