PingFederate Server

Connecting to a remote process

If PingFederate is running as a Windows Service, or if the org.pingidentity.RunPF class is unavailable in the Local Process list, use this procedure to establish a connection.

About this task

To enable remote JMX monitoring in PingFederate:

Steps

  1. In the Administrative Console, go to the Security → System Integration → Service Authentication window.

  2. Define the credentials that are required to connect to the PingFederate JMX service.

  3. Restart PingFederate to enable the JMX Service.

  4. If PingFederate is deployed in a clustered environment:

    1. Replicate the configuration changes on each node in the cluster.

    2. Restart each engine node.

  5. After you enable the JMX service, connect to the remote JMX service by specifying the hostname and port 1099, or a service URL like the following:

    service:jmx:rmi:///jndi/rmi://[hostname]:1099/jmxrmi

    Because JMX uses SSL by default when communicating with a remote host, the client host must trust the PingFederate SSL certificate that is presented when a connection is established.

    To disable the use of SSL for JMX, open the /server/default/conf/jmx-remote-config.xml file and set the <item name="jmx.rmi.ssl"> property to false.

    If the JMX client does not trust the JMX certificate, a connection failed SSL message appears.

  6. If SSL is enabled in jmx-remote-config.xml, import the PingFederate SSL certificate to the client’s trusted certificates.

  7. If SSL is disabled, click Insecure to connect.