Managing certificates from partners
Manage certificates for various connections involving signature verification, encryption, and back-channel authentication to effectively process messages to and from partners.
About this task
You receive certificates from partners for signature verification, encryption, and back-channel authentication. They are managed within connections.
Depending on the use cases, your connection to the partner might not require signature verification, encryption, inbound (SOAP) back-channel authentication by client certificate, or any such combinations. If so, the Activation & Summary window does not display the related administrative window. |
Signature verification
Specify one or more certificates that PingFederate can use to validate the digital signatures found in inbound messages from your partners.
Steps
-
Select the connection to reach its Activation & Summary window.
-
Select Signature Verification Certificate.
-
Click Manage Certificates.
You can import, export, review, activate, deactivate, and remove certificates for signature verification on the Certificate Management window.
Encryption
Specify a certificate that PingFederate uses to encrypt outbound messages before delivering them to your partners.
Steps
-
Select the connection to reach its Activation & Summary window.
-
Select Select XML Encryption Certificate.
-
Click Manage Certificates.
You can import, export, review, activate, and remove certificates for encryption on the Certificate Management window.
Back-channel authentication
Specify a certificate that PingFederate uses to authenticate inbound (SOAP) messages from your partners by their client certificates.
Steps
-
Select the connection to reach its Activation & Summary window.
-
Select SSL Verification Certificate.
-
Click Manage Certificates.
You can import, export, review, activate, and remove certificates for back-channel authentication on the Certificate Management window.