High Availability (HA) Configuration

Last updated 8 days ago

Keeper SSO Connect is designed to operate in a multi-instance HA environment. Once the first instance is configured (per instructions above) and the service is enabled to start upon boot, the instance can be cloned and additional instances can be launched underneath a load balancer.

To set up additional instances or to replace an instance, please follow these steps:

  1. Install Keeper SSO Connect on the new instance per instructions above and start the service

  2. Initialize the instance by one of the following methods:

  • Using the web browser, login to the SSO Connect instance configuration screen and select the SSO Connection from the drop-down menu after login.

  • Use the command-line interface to initialize the instance using the following procedure:

    Run the command line config option: $ java -jar SSOConnect.jar -c

Type in the following when prompted:

  • Keeper Administrator email address

  • Corresponding Keeper Administrator Master Password

  • Two-Factor code (if enabled on account)

  • SSO Domain Name (this attribute is defined on the SSO Connect provisioning screen on the Keeper Admin Console)

When the following steps are finished, the current settings will be synched from the server including the SSL Cert and IDP XML file, so you don’t have to supply information for those settings. But, if you are using a private IP, you will have to set it up. When asked “Do you wish to configure…”, enter Y. Hit enter to not change any values until it prompts for the Private IP and Private Port. Enter the appropriate values.

Continue to hitting to accept the current setting until all prompts are answered.

Restart the service. Windows: Use the Windows Services screen to restart Keeper SSO Connect. Unix: $ systemctl restart ssoconnect

Now, the SSO Connect service is sync'd to this instance and it can process user transactions.