The certificate must be valid when you add it to PingOne. You cannot add a certificate before its validity period begins (the certificate’s NotBefore date) or after it expires (the certificate’s NotAfter date). The private key must be unencrypted. You cannot upload a private key that is protected by a password or passphrase. The certificate, private key, and certificate chain must all be PEM-encoded unless uploading a PKCS 12 file format.

  1. Go to Settings > Certificates and Key Pairs.
  2. Click + Add, and then click Import key pair/cert.
  3. Select the primary usage type for this certificate.

    Certificates can be used for signing and verification, encryption, or SSL.

  4. Click Select a file and go to the appropriate file on your local file system.
  5. Select the file and click Open.
  6. In the Import key pair certificate window, click Upload.