PingAuthorize

Creating a server profile

You can create a server profile from a configured server in PingAuthorize Server.

About this task

To create a server profile from a configured server, use the generate-profile subcommand.

Steps

  1. Create a profile directory.

    Example:

    $ mkdir -p /opt/server-profiles/pingauthorize

  2. Run generate-profile.

    Example:

    $ bin/manage-profile generate-profile --profileRoot /opt/server-profiles/pingauthorize

  3. Customize the resulting profile to suit your needs and to remove deployment environment-specific values.

    Choose from:

    • Specify a consistent location for the license key file:

      1. Copy the license key file to the server profile’s misc-files directory.

        $ cp  {pingauthorize}.lic /opt/server-profiles/pingauthorize/misc-files/

      2. Open the setup-arguments.txt file in a standard text editor.

      3. Locate the --licenseKeyFile argument.

      4. Change the value of --licenseKeyFile to the following value.

        Use PING_PROFILE_ROOT only with files that are not needed after initial setup, such as password files in setup-arguments.txt. Do not use the PING_PROFILE_ROOT variable for files needed while the server is running. The manage-profile tool creates a temporary copy of the server profile that is deleted after the tool completes, so files are not accessible under PING_PROFILE_ROOT when the server is running. For files you need while the server is running, such as keystore and truststore files, copy the files into the server root using the profile’s server-root/pre-setup directory, and then refer to the files using with the PING_SERVER_ROOT variable.

        		 
        ${PING_PROFILE_ROOT}/misc-files/{pingauthorize}.lic

      5. Save your changes.

    • Remove deployment environment-specific values and replace them with variables. For example, to refer to a different PingFederate server in your development environments versus your test environments, perform the following steps:

      1. Open the /opt/server-profiles/pingauthorize/dsconfig/00-config.dsconfig file in a standard text editor.

      2. Locate the value specified for base-url for the external server that identifies your PingFederate server.

      3. Replace the value with a variable, like ${PF_BASE_URL}.

      4. Save your changes.

      5. Create or update a server profile variables file for your development environment.

      6. Add a row like the following example to the variables file.

        PF_BASE_URL=https://sso.dev.example.com:9031

      7. Save your changes.

      8. Continue replacing deployment environment-specific values with variables until the server profile contains no more deployment environment-specific values.

        At this point, you can check the server profile in to a version-control system, like Git, share with your team, and integrate into your deployment automation.