You must run setup in non-interactive command-line mode instead of interactive mode if you need to do any of the following:

  • Configure the Policy Administration GUI with a policy configuration key. A policy configuration key is an arbitrary key/value pair that can be referenced by name in the policy Trust Framework. This allows the policy trust store to be defined without hard-coding environment-specific data such as host names and credentials in the trust store.

  • Configure a key store for a policy information provider. This defines a client certificate that the policy engine can use for MTLS connections to a policy information provider.

  • Configure a trust store for a policy information provider. This defines the set of certificates or root certificates that the policy engine uses to determine whether it trusts the server certificate presented by a policy information provider.

  • Customize the Policy Administration GUI’s logging behavior.

  1. Make a copy of the default options file provided at config/options.yml and then customize the copy to suit your needs.

    The setup tool supports configuring these options through the use of a YAML options file


    When you customize your options file, do not remove or alter the logging section. For guidance about customizing logging behavior, contact Ping support.

  2. Configure the Policy Administration GUI with an options file.
    1. Stop the Policy Administration GUI.
      $ bin/stop-server
    2. Run setup normally.
    3. Provide the options file using the --optionsFile argument.
      For example, the following setup command configures a Policy Administration GUI in demo mode using an options file named my-options.yml.
      $ bin/setup demo \
        --adminUsername admin \
        --generateSelfSignedCertificate \
        --decisionPointSharedSecret datagovernance \
        --hostname <pap-hostname> \
        --port <pap-port> \
        --adminPort <admin-port> \
        --licenseKeyFile <path-to-license> \
        --optionsFile my-options.yml
    1. Start the Policy Administration GUI.
      $ bin/start-server