Configure a secure connection to the proxied PingFederate runtime in PingAccess.
Before configuring a secure connection to the PingFederate runtime, export the PingFederate certificate and import it into a trusted certificate group in PingAccess. Perform the following steps:
- In PingFederate, export the certificate active for the runtime server. For more information, see SSL Server Certificates in the PingFederate documentation.
- Import the certificate into PingAccess.
- Create a Trusted Certificate Group if one does not already exist.
- Add the certificate to a Trusted Certificate Group.
For information on configuring PingFederate as an OAuth authorization server, see Enabling the OAuth AS and Authorization Server Settings in the PingFederate documentation.
After you save the PingFederate runtime connection, PingAccess will test the connection to PingFederate. If the connection cannot be made, an error will display in the administrative interface, and the PingFederate runtime will not save.
After you successfully configure the token provider, click View Metadata to display the metadata provided by the token provider. To update the metadata, click Refresh Metadata.
After you save this configuration and perform the steps in Configuring OAuth resource servers, a PingFederate access validator is available for selection when you define OAuth-type rules in Policy Manager.