LogoLogo
SSO Connect On-Prem
SSO Connect On-Prem
  • Keeper SSO Connect On-Prem
  • Overview
  • System Requirements
  • Installation and Setup
    • Admin Console Configuration
    • Installation - Windows
    • Installation - Linux
      • GUI Configuration
      • Linux Command-line Configuration
      • Running Keeper SSO Connect as a Service on Linux
  • Identity Provider Setup
    • AD FS Configuration
    • Entra ID/Azure AD Configuration
    • AWS SSO Configuration
    • Centrify Configuration
    • F5 Configuration
    • G Suite (Google Workspace) Configuration
    • JumpCloud Configuration
    • Okta Configuration
    • OneLogin Configuration
    • Ping Identity Configuration
    • PingOne Configuration
    • RSA SecurID Access
    • Generic SAML Configuration
  • SSL Certificate Creation
  • High Availability (HA) Configuration
  • Integration with AWS CloudHSM
  • Integration with Gemalto HSM
  • Upgrading SSO Connect On-Prem
  • Update Instructions
  • Updating On-Prem Config
  • Migrating to a new SSO Connect Server
  • Service Management
  • Troubleshooting & FAQs
  • SSO Migration to Cloud
  • Technical Support
  • Links and Resources
  • Docs Home
Powered by GitBook

Company

  • Keeper Home
  • About Us
  • Careers
  • Security

Support

  • Help Center
  • Contact Sales
  • System Status
  • Terms of Use

Solutions

  • Enterprise Password Management
  • Business Password Management
  • Privileged Access Management
  • Public Sector

Pricing

  • Business and Enterprise
  • Personal and Family
  • Student
  • Military and Medical

© 2025 Keeper Security, Inc.

On this page

Was this helpful?

Export as PDF
  1. Installation and Setup
  2. Installation - Linux

Running Keeper SSO Connect as a Service on Linux

Setting up a service on Linux

Once your server is setup and operational you should setup SSO Connect as a service. This operation will vary depending on your OS.

  1. If the application is still running because you configured it with the web interface, stop the running instance on the command line by entering CTRL-C.

  2. As the root user, create a system startup file /etc/systemd/system/ssoconnect.service with the following content (replace /path/to/keeper with your exact path and replace <user> with your username that will be running the process

[Unit]
Description=SSO Connect Java Daemon 

[Service]
WorkingDirectory=/path/to/keeper (i.e. /home/keeperservice/sso_connect)
User=<user> (i.e. root)
ExecStartPre=/bin/sleep 10 
ExecStart=/usr/bin/java -jar /path/to/keeper/SSOConnect.jar

[Install]
WantedBy=multi-user.target

"chmod" the file:

sudo chmod 644 /etc/systemd/system/ssoconnect.service

Enable the service to auto-start.

sudo systemctl enable ssoconnect.service

Run systemctl to start the service.

$ systemctl start ssoconnect
$ systemctl status ssoconnect

Troubleshooting Linux

To test the service response or to monitor the health of the Keeper SSO Connect instances, you can query the "Ping URL" which in the above example is:

http://127.0.0.1:9000/ping

Note the local ping is being used here because we connected to the local instance via port forward. To check the service running from the outside (external users) you can use the public port:

$ curl "https://<public_ip_or_dns>:<port>/ping"

Example request/response:

curl "https://sso.acme-demo.com:8443/ping"
​
{"configuration":"Running","sync_revision":41838,"sync":"Thu Nov 21 07:36:51 UTC 2019","version":"o14.1.2.4","sso":"Running","status":"Ready"}

You can review log files which are located by default in /path/to/keeper/logs/ssoconnect.log. The logging is done through a standard log4j2.xml file located in the install directory. You may change the log4j2.xml file to place your log files anywhere you wish.

$ tail -f /path/to/keeper/logs/ssoconnect.log

The next section provides Identity Provider setup instructions for each major vendor.

PreviousLinux Command-line ConfigurationNextIdentity Provider Setup

Last updated 4 years ago

Was this helpful?