Requirements

Ping Identity supports customers who use the versions specified here. Other versions and alternative environments might work as well. When opening a support ticket for an issue, however, make sure you can also reproduce the problem on a combination covered here.

Downloads

Download product software from the Backstage download site:

File Description

File	Description
`PingGateway-2025.3.0.zip`	Cross-platform distribution including all software components.
`PingGateway-sample-application-2025.3.0.jar`	Web application for testing PingGateway configurations

PingGateway-2025.3.0.zip

Cross-platform distribution including all software components.

PingGateway-sample-application-2025.3.0.jar

Web application for testing PingGateway configurations

Learn more about using the Docker image provided with the product software in Deploy with Docker.

Operating systems

PingGateway 2025.3 software is supported on actively maintained versions of the following Linux operating systems:

Amazon Linux
Debian
Red Hat Enterprise Linux
Rocky Linux
SUSE Linux Enterprise
Ubuntu Linux

PingGateway 2025.3 software is supported on Microsoft Windows Server 2016, 2019, and 2022.

PingGateway 2024.11 and earlier software is supported on the following operating systems:

	PingGateway version
Vendor	7.2	2023.x	2024.x
Amazon Linux	(Not supported)	2, 2023
Red Hat Enterprise Linux	7, 8	7, 8, 9
Centos OS	7
Ubuntu LTS	20.04	22.04, 20.04
Windows Server	2016, 2019		2016, 2019, 2022
SUSE Linux Enterprise	12, 15
Rocky Linux	(Not supported)		9.x

Java

PingGateway supports OpenJDK, including OpenJDK-based distributions:

AdoptOpenJDK/Eclipse Adoptium
Amazon Corretto
Azul Zulu
Red Hat OpenJDK

Ping Identity tests PingGateway the most extensively with Eclipse Adoptium.

Supported Java versions
PingGateway version	7.2	2023.x	2024.x	2025.3
Java version	11	17, 11	21, 17	21, 17⁽¹⁾

⁽¹⁾ Java 17 is deprecated in 2025.3.

Recommendations:

Use the HotSpot JVM.
Keep your Java installation updated with the latest security fixes.
Java 11 is the earliest long-term supported (LTS) Java version for IG 2023.11 and earlier versions. Earlier versions of Java don’t contain required cryptography fixes. If you are using an earlier version of Java, secure your installation.

HTTP protocol

HTTP/1.1 and HTTP/2.0 are supported. HTTP/1.0 isn’t supported.

FQDNs

When applications access PingGateway directly without going through a load balancer, use a fully qualified domain name (FQDN) like gateway.example.com. The applications use the FQDN, for example, when redirecting for OAuth 2.0 or CDSSO. Browser cookies can use the FQDN as well.

When using an FQDN in production, ensure DNS correctly provides it. Alternatively, update the hosts files on all the systems that access PingGateway to (/etc/hosts or C:\Windows\System32\drivers\etc\hosts) to set the PingGateway FQDN.

Certificates

For secure network communications with client applications you don’t control, install a properly signed digital certificate that your client applications recognize, such as one that works with your organization’s PKI or one signed by a recognized CA.

To use the certificate during installation, include the certificate in a file-based keystore supported by the JVM (JKS, JCEKS, PKCS#12) or on a PKCS#11 token. To import a signed certificate into the server keystore, use the Java keytool command.

Third-party software for encryption

Bouncy Castle is required for signature encryption with RSASSA-PSS or Deterministic ECDSA. Learn more at The Legion of the Bouncy Castle.

Third-party software

Ping Identity provides support for using the following third-party software when logging common audit events:

Software	Version
Java Message Service (JMS)	2.0 API
MySQL JDBC Driver Connector/J	8 (at least 8.0.19)
Splunk	8.0 (at least 8.0.2)

Software

Version

Java Message Service (JMS)

2.0 API

MySQL JDBC Driver Connector/J

8 (at least 8.0.19)

Splunk

8.0 (at least 8.0.2)

Elasticsearch and Splunk have native or third-party tools to collect, transform, and route logs. Examples include Logstash and Fluentd.

Use these alternatives if possible. These tools have advanced, specialized features focused on getting log data into the target system. They decouple the solution from the Ping Identity Platform systems and version, and provide inherent persistence and reliability. You can configure the tools to avoid losing audit messages if a Ping Identity Platform service goes offline, or delivery issues occur.

These tools can work with common audit logging:

Configure the server to log messages to standard output, and route from there.
Configure the server to log to files, and use log collection and routing for the log files.

Ping Identity provides support for using the following third-party software when monitoring servers:

Software	Version
Grafana	5 (at least 5.0.2)
Graphite	1
Prometheus	2.0

Software

Version

Grafana

5 (at least 5.0.2)

Graphite

Prometheus

2.0

For hardware security module (HSM) support, Ping Identity Platform software requires a client library that conforms to the PKCS#11 standard v2.20 or later.

Studio browser

Ping Identity tests Studio with many browsers, including the latest stable version of Chrome.

Features requiring later versions of AM

Feature	Minimum version of AM
Session cache eviction.	AM 7.3

Feature

Minimum version of AM

Session cache eviction.

AM 7.3