You must run setup in non-interactive command-line mode instead of interactive mode if you need to do any of the following:

  • Configure the Policy Editor with a policy configuration key. A policy configuration key is an arbitrary key/value pair that can be referenced by name in the policy Trust Framework. This allows the policy trust store to be defined without hard-coding environment-specific data such as host names and credentials in the trust store.

  • Configure a key store for a policy information provider. This defines a client certificate that the policy engine can use for MTLS connections to a policy information provider.

  • Configure a trust store for a policy information provider. This defines the set of certificates or root certificates that the policy engine uses to determine whether it trusts the server certificate presented by a policy information provider.

  • Customize the Policy Editor’s logging behavior.

  1. Make a copy of the default options file provided at config/options.yml and then customize the copy to suit your needs.

    The setup tool supports configuring these options through the use of a YAML options file

    Note:

    When you customize your options file, do not remove or alter the logging section. For guidance about customizing logging behavior, contact Ping support.

  2. Configure the Policy Editor with an options file.
    1. Stop the Policy Editor. 
      $ bin/stop-server
    2. Run setup normally.
    3. Provide the options file using the --optionsFile argument.
      For example, the following setup command configures a Policy Editor in demo mode using an options file named my-options.yml.
      $ bin/setup demo \
  --adminUsername admin \
  --generateSelfSignedCertificate \
  --decisionPointSharedSecret pingauthorize \
  --hostname <pap-hostname> \
  --port <pap-port> \
  --adminPort <admin-port> \
  --licenseKeyFile <path-to-license> \
  --optionsFile my-options.yml
    1. Start the Policy Editor. 
      $ bin/start-server