Managed SP connection to PingOne for Enterprise and signing certificate

Use managed service provider (SP) connections to PingOne for Enterprise to automatically rotate signing certificates being used by it.

PingFederate automatically rotates the signing certificate used by the managed SP connection to PingOne for Enterprise.

A managed SP connection to PingOne for Enterprise is a connection created either as part of the initial setup or the System → External Systems → Connect to PingOne for Enterprise configuration wizard in PingFederate 8.0 or later.

The certificate rotation settings are as follows.

Field	Values
Creation Buffer (days)	90
Activation Buffer (days)	30
Validity (days)	1095
Key Algorithm	RSA
Key Size	2048
Signature Algorithm	RSA SHA256

Field

Values

Creation Buffer (days)

Activation Buffer (days)

Validity (days)

1095

Key Algorithm

RSA

Key Size

2048

Signature Algorithm

RSA SHA256

If the signing certificate should be manually rotated instead, disable automatic certificate rotation. See Managing certificate rotation settings.

After making changes, the administrative console prompts for confirmation whether to update PingOne for Enterprise or to disconnect from PingOne for Enterprise in a banner message. See Managing PingOne for Enterprise settings.

PingFederate Server

Managed SP connection to PingOne for Enterprise and signing certificate