HomeEnterprise GuideUser Guides
Search…
Keeper SSO Connect On-Prem
Overview
System Requirements
Installation and Setup
Identity Provider Setup
High Availability (HA) Configuration
Integration with AWS CloudHSM
Integration with Gemalto HSM
Upgrading SSO Connect
Update Instructions
Updating On-Prem Config
Migrating to a new SSO Connect Server
End-User Login Flow
Service Management
Troubleshooting & FAQs
Creating SSL Certificates
SSO Migration to Cloud
Technical Support
Links and Resources
Docs Home
Powered By GitBook
High Availability (HA) Configuration
Operating Keeper SSO Connect in HA mode
Keeper SSO Connect is can be optionally configured to operate in a multi-instance HA environment. Once the first instance is configured (per Windows and Linux instructions in this document) and the service is enabled to start on boot, the instance can be cloned and additional instances can be launched behind a load balancer.
Each HA instance must run the same version of SSO Connect

Windows

  1. 1.
    Install Keeper SSO Connect on the new instance
  2. 2.
    Login to the SSO Connect instance configuration screen and select the SSO Connection from the drop-down menu after login.
  3. 3.
    Use the Windows Services screen to restart Keeper SSO Connect.
Upon startup the SSO Connect service is synchronized to this instance and will begin to process user transactions.

Linux

Use the command-line interface to initialize the instance using the following procedure: $ java -jar SSOConnect.jar -config
Enter the following when prompted:
  • Keeper Administrator email address
  • Keeper Administrator Master Password
  • Two-Factor code (if enabled on the account)
  • SSO Domain Name (this attribute is defined on the SSO Connect provisioning screen on the Keeper Admin Console)
When the configuration steps are finished, the current settings will be sync'd from the server including the SSL Cert and IDP XML file, so you don’t have to supply information for those settings. But if you are using a private IP you will have to set that up in the Configuration dialog. When asked “Do you wish to configure…”, enter Y. Hit enter to retain existing values until it prompts for the Private IP and Private Port. Enter the appropriate values.
Continue pressing Enter to accept the current settings until all prompts are answered.
Restart the service.
$ systemctl restart ssoconnect
Upon startup the SSO Connect service is synchronized to this instance and will begin to process user transactions.
Previous
Generic SAML Configuration
Next
Integration with AWS CloudHSM
Last modified 2yr ago
Export as PDF
Copy link
On this page
Windows
Linux