If PingFederate is running as a Windows Service, or if the .org.pingidentity.RunPF class is unavailable in the Local Process list, use the Connecting to a local process option to establish a connection.
- Open the Administrative Console.
- In the left pane, click Security.
- In the System Integration section, click Service Authentication.
- Define the credentials that are required to connect to the PingFederate JMX service.
- Restart PingFederate to enable the JMX Service.
In a clustered PingFederate environment:
- Replicate the configuration changes on each node in the cluster.
- Restart each engine node.
After you enable the JMX service, connect to the remote JMX service by
specifying one of the following:
- The name of the PingFederate server instance.
- The IP address, port 1099 (the default JMX port for PingFederate), and the authentication credentials that the Service Authentication page defines.
Because JMX uses SSL by default when communicating with a remote host, the client host must trust the PingFederate SSL certificate that is presented during setup for JMX. For more information, see Runtime monitoring using JMX. To disable the use of SSL for JMX, open the /server/default/conf/jmx-remote-config.xml file and set the
<item name="jmx.rmi.ssl">property to
false.Note: If the JMX client does not trust the JMX certificate, a connection failed SSL message appears.
- If SSL is enabled in jmx-remote-config.xml, import the PingFederate SSL certificate to the client's trusted certificates.
- If SSL if disabled, click Insecure to connect.