PingOne for Enterprise

Importing a certificate and key pair

Add an imported key pair and certificate to use as a signing certificate for PingOne SSO for SaaS Apps.

About this task

The imported certificate file must meet the following criteria:

  • The certificate file must be a PKCS12 file in .p12 or .pfx format

  • The certificate must have a key length of 2048 bits or greater

  • The certificate must be encrypted using SHA-256 or better

  • The certificate must not be expired

PingOne SSO for SaaS Apps can’t accept certificate files created with OpenSSL 3.0.1. Use OpenSSL 1.1.1 or LibreSSL 2.8.3 instead.

Steps

  1. Go to Setup → Certificates.

  2. Click Add → Import KeyPair/Cert.

  3. In the Password field, enter the password used to protect the PKCS12 file.

  4. Optional: Select the Make certificate default check box to make this the default signing certificate.

  5. Drag and drop, or click Select a file and choose a key store file to import.

  6. Click Upload.