Copying the key from the source to the target server - PingFederate - 10.3

PingFederate Server

bundle
pingfederate-103
ft:publication_title
PingFederate Server
Product_Version_ce
PingFederate 10.3
category
Product
pf-103
pingfederate
ContentType_ce

You must copy the key from the source server to the target server before you migrate data using the configcopy tool.

Note:

As of PingFederate 10.2, the configcopy tool has been deprecated and will be removed in a future release.

To copy the key from the source to the target server, you copy the needed keys from the pf.jwk file on the source server and append it to the last key in the pf.jwk file on the target server, and then restart that target server. This step only needs to be completed before the first migration.

  1. In your PingFederate installation on the source server, open the pf.jwk file in the <pf_install>/pingfederate/server/default/data directory.
  2. Copy the key in the file.

    Make sure you copy the entire key JSON message, as in the following example.

    {"keys":[{"kty":"oct","kid":"j0PUEdAb95","k":"AGi8Lg_ewdl-_30Cx83kDMQE9oNlhgJSa_Pc4I8JTU8"}]}
  3. In your PingFederate installation on the target sever, open the pf.jwk file.
  4. Insert a comma at the end of the last key in the file and append the source key.

    For example, if the pf.jwk on the target server reads as follows.

    {"keys":[{"kty":"oct","kid":"wER9zEpaPe","k":"i0HQr9JmsqjAX4o_BQU1qGJzoLQI-nmwp8u3GyHzTB8"}]}

    Insert the comma and the source key as shown.

    {"keys":[{"kty":"oct","kid":"wER9zEpaPe","k":"i0HQr9JmsqjAX4o_BQU1qGJzoLQI-nmwp8u3GyHzTB8"},
    {"kty":"oct","kid":"j0PUEdAb95","k":"AGi8Lg_ewdl-_30Cx83kDMQE9oNlhgJSa_Pc4I8JTU8"}]}
    Note:

    This is a well-formed JSON document in one line.

  5. Save the pf.jwk file and restart the target server.
  6. If applicable, repeat the steps above for each target PingFederate server.