Updating the SSO Connect Configuration

Changing the SSL certificate, hostname, or the metadata configuration.

The need may arise where either the SSL certificate or the metadata.xml file needs to be updated on the SSO Connect server. Follow these instructions:

  1. Log in to an SSO Connect server and click the configuration link. Make the desired change (update SSL certificate, hostname change, update IdP SAML metadata, etc.).

  2. Save the changes. (This replicates the changes to the Keeper Cloud).

  3. If multiple SSO Connect servers (HA configuration) are present in your architecture, no further steps are required as each subsequent SSO Connect server will synchronize to the cloud and update. However, to force the sync, click on “Full Sync” on the SSO connect menu on each server.

From the Keeper Cloud perspective, there is no primary or secondary SSO Connect server in an HA configuration. There is a single SSO Connect data back up (per SSO Connect provisioning instance) that synchronizes to all the servers architected for HA.

Do not delete the SSO Connect provisioning instance on the Admin Console. Doing so will remove the configuration and orphan your SSO Connect servers.