- Sign on to the PingFederate administrative console and go to .
On the Metadata Role tab, select I am the
Identity Provider (IdP), and then click
On the Metadata Mode tab, select Select
Information to Include in Metadata Manually, and then click
- On the Protocol tab, click Next until you reach the Signing Key tab, accepting the default values.
On the Signing Key tab, select an available signing key
from the Digital Signature Keys/Certs list, and then
click Next. If none are available, click
Manage Certificates to create a signing key, and then
follow the on-screen instructions.
Although you can use a self-signed certificate, a CA-signed certificate is recommended.
- Click Next until you reach the Export & Summary tab, accepting the default values on the Metadata Signing and XML Encryption Certificate tabs.
On the Export & Summary tab, click
Export and save the metadata.xml
file. You will upload this file to Palo Alto Networks NGFW in the next