If PingFederate is running as a Windows Service, or if the .org.pingidentity.RunPF class is unavailable in the Local Process list, use this procedure to establish a connection.
- In the Administrative Console, go to the Security > System Integration > Service Authentication window.
- Define the credentials that are required to connect to the PingFederate JMX service.
- Restart PingFederate to enable the JMX Service.
-
In a clustered PingFederate environment:
- Replicate the configuration changes on each node in the cluster.
- Restart each engine node.
-
After you enable the JMX service, connect to the remote JMX service by
specifying one of the following:
- The name of the PingFederate server instance.
- The IP address, port 1099 (the default JMX port for PingFederate), and the authentication credentials that the Service Authentication page defines.
Because JMX uses SSL by default when communicating with a remote host, the client host must trust the PingFederate SSL certificate that is presented during setup for JMX. For more information, see . To disable the use of SSL for JMX, open the /server/default/conf/jmx-remote-config.xml file and set the
<item name="jmx.rmi.ssl">
property tofalse
.Note: If the JMX client does not trust the JMX certificate, a connection failed SSL message appears. - If SSL is enabled in jmx-remote-config.xml, import the PingFederate SSL certificate to the client's trusted certificates.
- If SSL if disabled, click Insecure to connect.