- Request a license key through the Ping Identity licensing website.
- Ensure you are signed on to your system with sufficient privileges to install and run an application.
- Verify that you have installed the Java Runtime Environment (JRE) and that you have set the required environment variables correctly. For more information, see Installing Java in the PingFederate Server documentation.
If you have not installed PingFederate on Linux using the distribution .zip archive, you can install it manually. To install the PingFederate service on Linux manually:
- Download the distribution .zip archive from the Ping Identity website.
- Extract the file into an installation directory, <pf_install>.
-
Create a new local user account for the PingFederate service, such as
pingfederate.
Note:
The service account is referred to as <pf_user>.
-
Change the ownership of the PingFederate
installation directory <pf_install> and
update the
read-write
permissions
by
running
the following
commands:
chown -R <pf_user> <pf_install> chmod -R 775 <pf_install>
-
If the operating system supports systemd, install the PingFederate unit file:
-
Edit the
<pf_install>/pingfederate/sbin/linux/pingfederate.service
systemd unit
file.
Replace the following variables with information from your environment:
- ${PF_VERSION}
- The version of PingFederate.
- ${PF_USER}
- The local user account for the PingFederate service.
- ${PF_HOME}
- The <pf_install>/pingfederate directory.
- For example, if <pf_install> is /opt/identity.fed, replace ${PF_HOME} with /opt/identity.fed/pingfederate.
- ${PF_JAVA_HOME}
- The <JAVA_HOME> environment variable value (a directory).
-
Copy the pingfederate.service file to the systemd unit
files directory, for example, /etc/systemd/system.
Note:
Depending on the operating system, the exact location might vary. Consult your system administrators as needed. The rest of the step assumes /etc/systemd/system is the systemd unit files directory.
-
Run
the following command to update the
read-write
permissions of the pingfederate.service systemd unit
file:
chmod 664 /etc/systemd/system/pingfederate.service
-
Run
the following commands to load the new system configuration changes and start
the PingFederate
service:
systemctl daemon-reload ;\ systemctl start pingfederate
-
Run
the following commands to configure the PingFederate service to start automatically as the
server
boots:
systemctl enable pingfederate ;\ systemctl daemon-reload ;\ systemctl restart pingfederate
After setting up the PingFederate systemd unit file, you can run the following systemctl command to manage the PingFederate service:
systemctl start pingfederate systemctl stop pingfederate systemctl restart pingfederate systemctl status pingfederate
-
Edit the
<pf_install>/pingfederate/sbin/linux/pingfederate.service
systemd unit
file.
-
If the operating system supports SysV initialization, follow these steps to install
the PingFederate script.
-
Edit the
<pf_install>/pingfederate/sbin/linux/pingfederate
script.
Replace the following statements with information from your environment:
- PF_HOME=$PF_HOME
- Replace $PF_HOME with the <pf_install>/pingfederate directory.
- For example, if <pf_install> is /opt/identity.fed, replace $PF_HOME with /opt/identity.fed/pingfederate.
- USER="pingfederate"
- If the PingFederate service account
is not
pingfederate
, replace <pingfederate> with the local user account for the PingFederate service. - For example, if <pf_user> is
pingfed
, replace <pingfederate> withpingfed
.
- Example (truncated)
- If <pf_install> and
<pf_user> are
/opt/identity.fed and
pingfederate
respectively, the required modifications are:... PF_HOME=/opt/identity.fed/pingfederate DIR="$PF_HOME/sbin" USER="pingfederate" ...
-
Copy the pingfederate script to the SysV initialization
directory, for example, /etc/rc.d/init.d.
The exact location might vary, depending on the operating system. Consult your system administrators, as needed. The rest of the step assumes /etc/rc.d/init.d is the SysV initialization directory.
-
Run
the following command to update the
read-write
permissions of the pingfederate SysV initialization
script:
chmod 755 /etc/rc.d/init.d/pingfederate
-
Configure the operating system to start the PingFederate service at various runlevels.
On an RHEL server, you can use the Service Configuration utility to do so.
Alternatively, the initialization directories associated with various runlevels can accept manual symbolic links of the pingfederate script by running the
ln -s <source> <target>
command.You can create the following symbolic links on an RHEL server where runlevels 2 and 4 are not used:
ln -s /etc/rc.d/init.d/pingfederate /etc/rc3.d/S84pingfederate ln -s /etc/rc.d/init.d/pingfederate /etc/rc5.d/S84pingfederate ln -s /etc/rc.d/init.d/pingfederate /etc/rc0.d/K15pingfederate ln -s /etc/rc.d/init.d/pingfederate /etc/rc1.d/K15pingfederate ln -s /etc/rc.d/init.d/pingfederate /etc/rc6.d/K15pingfederate
Note:Some operating systems might require a restart of the system to activate the new scripts. Consult your system administrators as needed.
-
Edit the
<pf_install>/pingfederate/sbin/linux/pingfederate
script.
After setting up the PingFederate SysV initialization script, you can use the Service Configuration utility or run the following service commands to manage the PingFederate service:
service pingfederate start
service pingfederate stop
service pingfederate restart
service pingfederate status