1. On the Signing & Decryption Keys & Certificates window, click Create new.
  2. On the Create Certificate tab, enter the required information.

    For information about each field, refer to the following table.

    Field Description
    Common Name The common name (CN) identifying the certificate.
    Subject Alternative Names The additional DNS names or IP addresses possibly associated with the certificate.
    Organization The organization (O) or company name creating the certificate.
    Organizational Unit The specific unit within the organization (OU).
    City The city or other primary location (L) where the company operates.
    State The state (ST) or other political unit encompassing the location.
    Country The country (C) where the company is based.
    Validity (days) The time during which the certificate is valid.
    Key Algorithm A cryptographic formula used to generate a key. PingFederate uses either of two algorithms, RSA or EC.
    Key Size (bits) The number of bits used in the key. (RSA-1024, 2048 and 4096; and EC-256, 384 and 521.)
    Signature Algorithm The signing algorithm of the certificate. (RSA and ECDSA-SHA256, SHA384, and SHA512.)
  3. When finished, click Next.
  4. On the Summary window, review your configuration, amend as needed, and click Done.