1. Go to System > Protocol Metadata > File Signing.
  2. On the Select Metadata File tab, choose your metadata file.
  3. On the Digital Signature Settings tab, select a signing certificate from the list.

    If you have not yet created or imported your certificate into PingFederate, click Manage Certificates and use the Certificate Management configuration wizard to complete the task.

    1. Clear the related check boxes to exclude the public key information and the raw key from the signed XML file.
    2. Select a signing algorithm from the list.

      The default selection is RSA SHA256 or ECDSA SHA256, depending on the key algorithm of the chosen signing certificate. Make a different selection if you and your connection partner have agreed to use a stronger algorithm. For a list of the available signing algorithms and their URIs, see Signing algorithms.

  4. On the Export & Summary tab, click Export to save the digitally signed file.
  5. Click Done.