If PingFederate is running as a Windows Service, or if
the org.pingidentity.RunPF class is unavailable in the Local Process list,
use this procedure to establish a connection.
To enable remote JMX monitoring in PingFederate:
-
In the Administrative Console, go to the window.
-
Define the credentials that are required to connect to the PingFederate JMX
service.
-
Restart PingFederate to enable the JMX Service.
-
If PingFederate is deployed in a clustered
environment:
-
Replicate the configuration changes on each node in the cluster.
-
Restart each engine node.
-
After you enable the JMX service, connect to the remote JMX service by
specifying the hostname and port
1099, or a service URL like
the following:
service:jmx:rmi:///jndi/rmi://[hostname]:1099/jmxrmi
Because JMX uses SSL by default when communicating with a remote host, the
client host must trust the PingFederate SSL
certificate that is presented when a connection is established.
To disable the use of SSL for JMX, open the
/server/default/conf/jmx-remote-config.xml file and
set the <item name="jmx.rmi.ssl"> property to
false.
Note:
If the JMX client does not trust the JMX certificate, a connection
failed SSL message appears.
-
If SSL is enabled in jmx-remote-config.xml, import the
PingFederate SSL certificate to the client's trusted certificates.
-
If SSL is disabled, click Insecure to connect.