You can generate a Certificate Signing Request (CSR) using a signing certificate that you created. In the PingOne for Enterprise certificate management page, download the CSR for the relevant certificate, and then send it to your Certificate Authority (CA). The CA will send back a CSR response which you can upload to PingOne for Enterprise. Once it is uploaded, your certificate is updated to the version signed by the CA.

  1. Click Setup > Certificates.
  2. In the certificate list, expand the relevant entry and click CSR.
  3. Click Export and navigate to the location at which you want to save the CSR response.
  4. Upload the CSR to the relevant CA for signing.
    The CA signs the certificate and sends you a CSR response.
  5. Click Import, navigate to the CSR response and click OK.
    The CSR response is imported and saved. When PingOne for Enterprise uses the certificate to sign SSO messages (SAML assertions) it uses the updated certificate signed by the CA.