Connecting to a remote process - PingFederate

Page created: 5 Jul 2022 |

Page updated: 13 Dec 2022

| 1 min read

Guide Administrator Guide Content Type Product documentation 11.2 Capability Single Sign-on (SSO) Deployment Method Software Audience Administrator System Administrator Product PingFederate

If PingFederate is running as a Windows Service, or if the org.pingidentity.RunPF class is unavailable in the Local Process list, use this procedure to establish a connection.

To enable remote JMX monitoring in PingFederate:

In the Administrative Console, go to the Security > System Integration > Service Authentication window.
Define the credentials that are required to connect to the PingFederate JMX service.
Restart PingFederate to enable the JMX Service.
If PingFederate is deployed in a clustered environment:
1. Replicate the configuration changes on each node in the cluster.
2. Restart each engine node.
After you enable the JMX service, connect to the remote JMX service by specifying the hostname and port 1099, or a service URL like the following:
```
service:jmx:rmi:///jndi/rmi://[hostname]:1099/jmxrmi
```
Because JMX uses SSL by default when communicating with a remote host, the client host must trust the PingFederate SSL certificate that is presented when a connection is established.

To disable the use of SSL for JMX, open the /server/default/conf/jmx-remote-config.xml file and set the <item name="jmx.rmi.ssl"> property to false.

Note:
If the JMX client does not trust the JMX certificate, a connection failed SSL message appears.
If SSL is enabled in jmx-remote-config.xml, import the PingFederate SSL certificate to the client's trusted certificates.
If SSL is disabled, click Insecure to connect.

Connecting to a remote process - PingFederate - 11.2

PingFederate Server