PingFederate automatically creates a time-stamped configuration (ZIP) archive every time an administrator signs on to the administrative console and before an existing archive is imported. The archives are stored in the <pf_install>/pingfederate/server/default/data/archive directory. These configuration archives can be used as backup files for the current PingFederate installation.
The automatic backup process typically completes without delays. For deployments with hundreds of connections or OAuth clients (or both), administrators can optionally configure PingFederate to create configuration archives periodically instead.
Additionally, administrators can export the current configuration to a ZIP file on the screen. This screen is only available to administrators, whose accounts have been assigned the User Admin, Admin, and Crypto Admin roles.
The backup file contains your complete configuration. To protect your data, confirm the backup file is protected with appropriate security controls in place before exporting it.
Sharing the archive is a security risk because the private keys are stored in the archive. An archive should only be shared if the security of that instance is not important, such as a development or test environment.
On the screen, administrators can also import an existing archive for immediate deployment into a running PingFederate server.
Furthermore, administrators can deploy a configuration archive manually by copying the ZIP file to <pf_install>/pingfederate/server/default/data/drop-in-deployer directory.
- Launch scripts under the <pf_install>/pingfederate/bin and <pf_install>/pingfederate/sbin directories.
- Web container configuration files under the <pf_install>/pingfederate/etc directory.
- Log files under the <pf_install>/pingfederate/log directory.
- Database drivers and program files from adapters and any other plug-ins under the <pf_install>/pingfederate/server/default/lib and <pf_install>/pingfederate/server/default/deploy directories.
- Other files (including the license file, the advanced cluster configuration files, and the user-facing email and HTML templates) under the <pf_install>/pingfederate/server/default/conf directory.
If any changes have been made to files that are not part of the configuration archive, such files must be preserved manually.
You may export a configuration archive, extract the ZIP file, and determine whether specific files are part of the configuration archive, or not.
Draft connections in archives are not imported. Complete any unfinished partner connections if you wish to include them in a full backup archive or in an archive to be used for configuration migration.