You receive certificates from partners for signature verification, encryption, and back-channel authentication. They are managed within connections.

Signature verification
You specify one or more certificates that PingFederate can use to validate the digital signatures found in inbound messages from your partners.
To manage such certificates for a given connection:
  1. Select the connection to reach its Activation & Summary screen.
  2. Select Signature Verification Certificate.
  3. Click Manage Certificates.

    You can import, export, review, activate, deactivate, and remove certificates for signature verification on the Certificate Management screen.

Encryption
You specify a certificate that PingFederate uses to encrypt the outbound messages before delivering them to your partners.
To manage such certificates for a given connection:
  1. Select the connection to reach its Activation & Summary screen.
  2. Select Select XML Encryption Certificate.
  3. Click Manage Certificates.

    You can import, export, review, activate, and remove certificates for encryption on the Certificate Management screen.

Back-channel authentication
You specify a certificate that Pingfederate uses to authenticate inbound (SOAP) messages from your partners by their client certificates.
To manage such certificates for a given connection:
  1. Select the connection to reach its Activation & Summary screen.
  2. Select SSL Verification Certificate.
  3. Click Manage Certificates.

    You can import, export, review, activate, and remove certificates for back-channel authentication on the Certificate Management screen.

Note:

Depending on the use cases, your connection to the partner may not require signature verification, encryption, inbound (SOAP) back-channel authentication by client certificate, or any such combinations. If so, the Activation & Summary screen does not display the related administrative screen.