Create Self-Signed SSL Certificate
This section describes how to create a self-signed SSL certificate and sign the tokens.
Creating a Self-Signed SSL certificate
This step is optional and is only required if using a Self-Signed SSL certificate. But it is highly recommended to use a valid CA provisioned certificate.
Perform the following steps to create a new Self-Signed SSL certificate:
-
Go to Security > SSL server certificates.
The SSL server certificates window is displayed.
-
Click Create New, and enter the required values for all the parameters.
-
Select the certificate, and click Activate for Runtime Server from the Select Action drop-down list.
Use SSL Certificate for signing the Access Tokens
Perform the following steps:
-
In the left pane, select OAuth & OpenID Connect Keys.
-
Select the ENABLE STATIC KEYS check box.
-
Under Signing Keys > RSA, select the SSL certificate to use for signing the Keys.
If required, the same certificate is used for decryption.
You can use the same certificate for token signing.
Token Signing
Perform the following steps:
-
In the left pane, select Token Signing Keys.
-
Click Add Key Set, and select the SSL certificate created in Create a new Self-signed SSL certificate on PingFederate.
