Creating a new certificate

On the SSL Server Certificates window, you can generate customized certificates.

Steps

On the Create Certificate window, enter the required information.

For information about each field, refer to the following table.

Field	Description
Common Name	The common name (CN) identifying the certificate.
Subject Alternative Names	The additional DNS names or IP addresses that can be associated with the certificate.
Organization	The organization (O) or company name creating the certificate.
Organizational Unit	The specific unit within the organization (OU).
City	The city or other primary location (L) where the company operates.
State	The state (ST) or other political unit encompassing the location.
Country	The country © where the company is based.
Validity (days)	The time during which the certificate is valid.
Cryptographic Provider	The storage facility of the certificate. Applicable and visible only when PingFederate is integrated with an HSM in hybrid mode. Select HSM to store the certificate in the HSM. Select Local Trust Store to store the certificate in the local trust store managed by PingFederate.
Key Algorithm	A cryptographic formula used to generate a key. PingFederate uses either of two algorithms, RSA or EC.
Key Size (bits)	The number of bits used in the key. (RSA-1024, 2048 and 4096; and EC-256, 384 and 521.)
Signature Algorithm	The signing algorithm of the certificate. (RSA-SHA256, SHA384, and SHA512; and ECDSA-SHA256, SHA384, and SHA512.)

Field

Description

Common Name

The common name (CN) identifying the certificate.

Subject Alternative Names

The additional DNS names or IP addresses that can be associated with the certificate.

Organization

The organization (O) or company name creating the certificate.

Organizational Unit

The specific unit within the organization (OU).

City

The city or other primary location (L) where the company operates.

State

The state (ST) or other political unit encompassing the location.

Country

The country © where the company is based.

Validity (days)

The time during which the certificate is valid.

Cryptographic Provider

The storage facility of the certificate.

Applicable and visible only when PingFederate is integrated with an HSM in hybrid mode.

Select HSM to store the certificate in the HSM.
Select Local Trust Store to store the certificate in the local trust store managed by PingFederate.

Key Algorithm

A cryptographic formula used to generate a key. PingFederate uses either of two algorithms, RSA or EC.

Key Size (bits)

The number of bits used in the key. (RSA-1024, 2048 and 4096; and EC-256, 384 and 521.)

Signature Algorithm

The signing algorithm of the certificate. (RSA-SHA256, SHA384, and SHA512; and ECDSA-SHA256, SHA384, and SHA512.)

When finished, click Next.
On the Summary window, review your configuration, amend as needed, and click Save.