Create a signing certificate - PingOne for Enterprise

PingOne for Enterprise

PingOne for Enterprise
PingOne for Enterprise

You can create signing certificates for use with multiplexed SAML applications or with manually configured customer IdP connections.

Note: You cannot use signing certificates with non-multiplexed SAML applications because the signing certificate is specified when the connection to the application is created.
To create a new signing certificate, specify the certificate settings and the certificate key settings. You can also use the signing certificate to create a certificate signing request (CSR).
Note: Security is a function of the combination of algorithm and key size. A larger key size provides higher security but may take longer to sign messages.
  1. In the PingOne admin portal, click Setup > Certificates.
  2. Click +Certificate to add a new signing certificate.
    Required fields are highlighted.
  3. In the Certificate Settings section, enter the certificate information:
    • Common name. The common name (CN) identifying the certificate.
    • Organization. The organization (O) or company name creating the certificate.
    • Organizational Unit. The specific unit within the organization (OU).
    • City. The city or other primary location (L) where your organization operates.
    • State. The state (ST) or other political unit encompassing the location.
    • Country. The two letter ISO code for the country where your organization is located (such as, US, GB).
    • Select Make certificate default to make this the default certificate for new application connections.
  4. Specify the certificate key settings:
    • Validity (days). The number of days until the certificate expires (defaults to 365).
    • Key Algorithm. The algorithm used to generate a key (RSA or ECC). Defaults to RSA.
    • Key Size (bits). The number of bits used in the key (defaults to 2048).
    • Signature Algorithm. The algorithm used to generate a signature (defaults to RSA SHA256).
  5. Click Save.
    The certificate appears in the certificates list.