Enable PingOne IdP with LIQUENT InSight
- Locate the insightConfig.bat file in the <installation drive>\InSightManager\server\all\conf\insight installation directory and double-click the file.
  The Configuration Settings window appears.
- On the Configuration Settings window, select File > Load File.
  The current configuration settings are populated to the Configuration Wizard.
- Select Identity Provider Settings.
- Populate the following fields:

  | Field Name | Input Value |
  | --- | --- |
  | Identity Provider Type | PingOne |
  | Base API URL | https://directory-api.pingone.com/api/directory |
  | Authorization API Token | {<Client ID>:<API Key> encoded to Base64} |
  | Application Logout URI | https://sso.connect.pingidentity.com/sso/initslo?page=http://{server}:{port}/insight/ |
  | SAML Metadata | saml2-metadata-idp.xml |
  | SAML Entity Id | urn:test:app:saml |
  | SAML Keystore File Name | {PingOne Keystore file}.jks |
  | SAML Keystore Password | {Keystore password} |
  | SAML Key Name | {Key Name} For example: aliasname |
  | SAML Key Password | {Key password} |
  | Default Admin | {Registered PingOne IDP user} For example: “aminpingone” |
- Select File > Generate File.
  - The insight.var is successfully updated in the ..conf\insight directory with the correct settings.
  - The oracle-ds.xml is successfully updated in the ..server\all\deploy directory with the correct settings.
  - The login-config.xml is updated.
- Select File > Exit.
- Copy the saml2-metadata-idp.xml file obtained from the PingOne Application page to the <installation drive>\InSightManager\server\all\conf\insight installation directory.
- Run the Command Prompt (cmd) from the <installation drive>\InSightManager\server\all\conf\insight installation directory and paste the following command:
  keytool -genkey -alias aliasname -keyalg RSA -keystore samlKeystore.jks -keysize 2048
  where aliasname is the SAML Key Name property value and samlKeystore.jks is the SAML Keystore File Name property value.
- Press Enter.
- Populate the following fields:
  Note: Remember to press Enter after each step below.

  | Field Name | Input Value |
  | --- | --- |
  | Enter keystore password | {SAML Keystore Password property value} |
  | Re-enter new password | {SAML Keystore Password property value} |
  | What is your first and last name? | {valid data or leave blank} |
  | What is the name of your organizational unit? | {valid data or leave blank} |
  | What is the name of your organization? | {valid data or leave blank} |
  | What is the name of your City or Locality? | {valid data or leave blank} |
  | What is the name of your State or Province? | {valid data or leave blank} |
  | What is the two-letter country code for this unit? | |
  | Is CN={valid data or blank}, OU={valid data or blank}, O={valid data or blank}, L={valid data or blank}, ST={valid data or blank}, C={valid data or blank} correct? | {y} |
  | Enter key password for <aliasname> <RETURN if same as keystore password>: | {SAML Key Password property value} |
  | Re-enter new password | {SAML Key Password property value} |
- Press Enter and close the Command Prompt.
  After you complete the prompts in the Command Prompt, the samlKeystore.jks file is generated.
  Note: This step applies only to Java 8. For more details, see https://docs.oracle.com/javase/8/docs/technotes/tools/windows/keytool.html#keytool_option_genkeypair
- Restart the Calyx RIM service.
- Go to Control Panel > Internet Options and select the Trusted Sites on the Security tab.
- Populate the Add this website to the zone field with: https://login.pingone.com.
- Select Add.
- Select Close.
- Select OK.
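
The following PowerShell checks can be run before restarting the Calyx RIM service to confirm the token, metadata file and keystore match the settings entered above. This is an added example, not part of the LIQUENT InSight or PingOne documentation. It assumes installation drive D:, keytool on the PATH with English output, constructed placeholder credentials, and an arbitrary environment variable name (KS_PASS).

```powershell
# Added example, not vendor code. Values below are constructed placeholders.
$ClientId = '00000000-0000-0000-0000-000000000000'        # placeholder <Client ID>
$ApiKey   = 'EXAMPLE-API-KEY'                             # placeholder <API Key>
$ConfDir  = 'D:\InSightManager\server\all\conf\insight'   # assumes installation drive D:
$Alias    = 'aliasname'                                   # SAML Key Name
$Keystore = Join-Path $ConfDir 'samlKeystore.jks'         # SAML Keystore File Name
$Metadata = Join-Path $ConfDir 'saml2-metadata-idp.xml'   # SAML Metadata

# 1. Authorization API Token: Base64 of "<Client ID>:<API Key>".
function New-ApiToken([string]$Id, [string]$Key) {
    # A pasted space or newline silently changes the encoded value.
    if ("$Id$Key" -match '\s') { throw 'Client ID or API Key contains whitespace' }
    [Convert]::ToBase64String([Text.Encoding]::UTF8.GetBytes("${Id}:${Key}"))
}
$token = New-ApiToken $ClientId $ApiKey
"Authorization API Token (treat as a credential): $token"

# 2. The IdP metadata file must be in the conf directory and be SAML metadata.
if (-not (Test-Path -LiteralPath $Metadata)) { throw "Missing $Metadata" }
$root = ([xml](Get-Content -Raw -LiteralPath $Metadata)).DocumentElement
if ($root.LocalName -ne 'EntityDescriptor') { throw 'Root element is not EntityDescriptor' }
"IdP entityID: $($root.GetAttribute('entityID'))"

# 3. The keystore must hold a private key under the configured alias.
#    The password goes through an environment variable, not the command line.
$sec = Read-Host -AsSecureString 'SAML Keystore Password'
$env:KS_PASS = (New-Object System.Net.NetworkCredential('', $sec)).Password
try {
    $ktArgs = @('-list', '-v', '-keystore', $Keystore, '-alias', $Alias,
                '-storepass:env', 'KS_PASS')
    $out = & keytool @ktArgs
    if ($LASTEXITCODE -ne 0) { throw "keytool could not read alias '$Alias'" }
} finally {
    Remove-Item Env:KS_PASS
}
if (-not ($out -match 'PrivateKeyEntry')) { throw "'$Alias' is not a private key entry" }

# keytool -genkey without -validity issues a certificate valid for 90 days,
# so print the validity window of the generated certificate.
$out | Select-String 'Valid from'
```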