To allow PingFederate and ServiceNow to communicate securely, exchange the signing certificates between the two systems.
-
In PingFederate, export your signing certificate.
- On the PingFederate admin console, go to .
- For the certificate that you want to use, in the Action column, click Export.
- On the Export Certificate screen, click Next.
- On the Export & Summary screen, click Export.
- Open the ***********.crt file in a text editor.
-
In ServiceNow, import your PingFederate signing
certificate.
- On your ServiceNow instance, go to New. . Click
- On the New record screen, in the Name field, enter SAML 2.0.
- Optional: In the Short description field, enter a description. This appears on the Certificate screen.
- In the PEM Certificate field, paste the contents of the ***********.crt file that you exported from PingFederate.
- Click Submit.
-
In ServiceNow, export your ServiceNow single logout
(SLO) certificate.
- On your ServiceNow instance, go to SAML 2.0 SP Keystore. . Click
- On the SAML 2.0 SP Keystore screen, download the certificate keystore by clicking saml2sp_keystore.
- Extract the certificate from saml2sp_keystore as shown in How to print the Public Key of a Certificate using Keytool in the ServiceNow documentation.
- Copy the output of the command to a text file on your computer, and save it as sn-certificate.crt.
-
In PingFederate, import your ServiceNow SLO certificate
as a trusted certificate authority (CA).
- On the PingFederate admin console, go to .
- On the Trusted CAs screen, click Import.
- On the Import Certificate screen, select sn-certificate.crt. Click Next.
- On the Summary screen, click Save.
-
In ServiceNow, export your SAML 2.0 metadata.
- On your ServiceNow instance, go to .
- Copy the metadata block to a text file on your computer, and save it as sn-metadata.xml. You will use this in Creating a single sign-on connection.