A keystore file contains the certificates required by the CAS to establish a trust relationship between ThingWorx and the CAS. Refer to the documentation from the CAS vendor for details on retrieving the required certificates to place in your Java keystore file. You will need to supply the path of this file in the KeyManagerSettings section of the sso-settings.json file, which will be configured in a later step. For PingFederate instructions, refer to the topic titled “Manage digital signing certificates and decryption keys” in the PingFederate help documentation at https://docs.pingidentity.com/bundle/pingfederate-100/page/uci1564002984974.html.