PingOne HTTP External Server

Note: this component is designated "advanced", which means that objects of this type are not expected to be created or altered in most environments. If you believe that such a change is necessary, you may want to contact support in order to understand the potential impact of that change.

PingOne HTTP External Servers are used to specify HTTPS connection settings for a PingOne ID Token Validator. Custom HTTPS connection settings are typically unnecessary.

Parent Component Relations from This Component Relations to This Component Properties dsconfig Usage

Parent Component

The PingOne HTTP External Server component inherits from the HTTP External Server

Relations from This Component

The following components have a direct aggregation relation from PingOne HTTP External Servers:

Relations to This Component

The following components have a direct aggregation relation to PingOne HTTP External Servers:

Properties

The properties supported by this managed object are as follows:


Basic Properties: Advanced Properties:
 description  connect-timeout
 hostname-verification-method  response-timeout
 trust-manager-provider

Basic Properties

description

Description
A description for this External Server
Default Value
None
Allowed Values
A string
Multi-Valued
No
Required
No
Admin Action Required
None. Modification requires no further action

hostname-verification-method

Description
The mechanism for checking if the hostname in the PingOne ID Token Validator's base-url value matches the name(s) stored inside the X.509 certificate presented by PingOne.
Default Value
strict
Allowed Values
allow-all - This mechanism turns hostname verification off.

strict - This mechanism works the same way as the Java Runtime Environment. It is also compliant with RFC 2818 for dealing with wildcards. The hostname must match any of the Subject Alternative Names or the first CN. A wildcard can occur in the CN, and in any of the Subject Alternative Names. A wildcard such as "*.foo.com" matches only subdomains in the same level, for example "a.foo.com". It does not match deeper subdomains such as "a.b.foo.com".
Multi-Valued
No
Required
No
Admin Action Required
None. Modification requires no further action

trust-manager-provider

Description
The trust manager provider to use for HTTPS connection-level security.
Default Value
The Java Runtime Environment's default trust manager will be used
Allowed Values
The DN of any Trust Manager Provider. The associated trust manager provider must exist and must be enabled if SSL is to be used.
Multi-Valued
No
Required
No
Admin Action Required
None. Modification requires no further action


Advanced Properties

connect-timeout (Advanced Property)

Description
Specifies the maximum length of time to wait for a connection to be established before aborting a request to PingOne. A value of zero seconds indicates that no connect timeout should be enforced, although the network stack of the underlying operating system may enforce a limit.
Default Value
30 seconds
Allowed Values
A duration. Lower limit is 0 milliseconds. Upper limit is 2147483647 milliseconds.
Multi-Valued
No
Required
No
Admin Action Required
None. Modification requires no further action

response-timeout (Advanced Property)

Description
Specifies the maximum length of time to wait for response data to be read from an established connection before aborting a request to PingOne. A value of zero seconds indicates that no response timeout should be enforced, although the network stack of the underlying operating system may enforce a limit.
Default Value
30 seconds
Allowed Values
A duration. Lower limit is 0 milliseconds. Upper limit is 2147483647 milliseconds.
Multi-Valued
No
Required
No
Admin Action Required
None. Modification requires no further action


dsconfig Usage

To list the configured External Servers:

dsconfig list-external-servers
     [--property {propertyName}] ...

To view the configuration for an existing External Server:

dsconfig get-external-server-prop
     --server-name {name}
     [--tab-delimited]
     [--script-friendly]
     [--property {propertyName}] ...

To update the configuration for an existing External Server:

dsconfig set-external-server-prop
     --server-name {name}
     (--set|--add|--remove) {propertyName}:{propertyValue}
     [(--set|--add|--remove) {propertyName}:{propertyValue}] ...

To create a new PingOne HTTP External Server:

dsconfig create-external-server
     --server-name {name}
     [--set {propertyName}:{propertyValue}] ...

To delete an existing External Server:

dsconfig delete-external-server
     --server-name {name}