PingOne for Enterprise

Create a signing certificate

To create a new signing certificate, you specify the certificate settings and the certificate key settings.

About this task

You can also use the signing certificate to create a CSR.

Security is a function of the combination of algorithm and key size. A larger key size provides higher security but may take longer to sign messages.

Steps

  1. In the PingOne admin portal, go to Setup → Certificates.

  2. Click +Add → Create Certificate.

  3. Under the Certificate Settings tab, enter the certificate information:

    • Common name. The common name (CN) identifying the certificate.

    • Organization. The organization (O) or company name creating the certificate.

    • Organizational Unit. The specific unit within the organization (OU).

    • City. The city or other primary location (L) where your organization operates.

    • State. The state (ST) or other political unit encompassing the location.

    • Country. The two-letter ISO code for the country where your organization is located (such as US, GB, CA).

    • Select Make certificate default to make this the default certificate for new application connections.

  4. Specify the certificate key settings:

    • Validity (Days). The number of days until the certificate expires (defaults to 365).

    • Key Algorithm. The algorithm used to generate a key (RSA or ECC). Defaults to RSA.

    • Key Size (Bits). The number of bits used in the key. Defaults to 2048.

    • Signature Algorithm. The algorithm used to generate a signature. Defaults to RSA SHA256.

  5. Click Save.

    Result:

    The certificate appears in the certificate list.