Using separate IdP and SP servers
This configuration requires some familiarity with PingFederate and SSL certificate management. |
You can also choose to deploy the data.zip
archive on separate PingFederate servers functioning as in a specific identity-federation role. To do this, deploy the archive on each server, and then deactivate the identity provider (IdP) federation role on one server and the service provider (SP) role on the other.
You’ll then need to change the Base URL on the General Info screens for each connection to the respective partner’s host and port (to update SSO and SLO partner protocol endpoints).
Finally, you might need to install and exchange new SSL server certificates on each server to reestablish trust between them.