PingFederate Server

Managing certificates from partners

Manage certificates for various connections involving signature verification, encryption, and back-channel authentication to effectively process messages to and from partners.

About this task

You receive certificates from partners for signature verification, encryption, and back-channel authentication. They are managed within connections.

Depending on the use cases, your connection to the partner might not require signature verification, encryption, inbound (SOAP) back-channel authentication by client certificate, or any such combinations. If so, the Activation & Summary window does not display the related administrative window.

Signature verification

Specify one or more certificates that PingFederate can use to validate the digital signatures found in inbound messages from your partners.

Steps

  1. Select the connection to reach its Activation & Summary window.

  2. Select Signature Verification Certificate.

  3. Click Manage Certificates.

    You can import, export, review, activate, deactivate, and remove certificates for signature verification on the Certificate Management window.

Encryption

Specify a certificate that PingFederate uses to encrypt outbound messages before delivering them to your partners.

Steps

  1. Select the connection to reach its Activation & Summary window.

  2. Select Select XML Encryption Certificate.

  3. Click Manage Certificates.

    You can import, export, review, activate, and remove certificates for encryption on the Certificate Management window.

Back-channel authentication

Specify a certificate that PingFederate uses to authenticate inbound (SOAP) messages from your partners by their client certificates.

Steps

  1. Select the connection to reach its Activation & Summary window.

  2. Select SSL Verification Certificate.

  3. Click Manage Certificates.

    You can import, export, review, activate, and remove certificates for back-channel authentication on the Certificate Management window.