Updating On-Prem Config

Changing the SSL certificate, hostname, or the metadata configuration in SSO Connect On-Prem

SSO Connect On-Prem SSL certificates must be updated on an annual basis, or there may be times that the metadata.xml file needs to be updated on the SSO Connect server. Follow these instructions:

  1. Login to the SSO Connect On-Prem server and click the "Configuration" tab. Make the desired change (update SSL certificate, hostname change, update IdP SAML metadata, etc.).

  2. Save the changes. (This replicates the changes to the Keeper Cloud).

  3. If multiple SSO Connect servers (HA configuration) are present in your architecture, no further steps are required as each subsequent SSO Connect server will synchronize to the cloud and update. However, to force the sync, click on “Full Sync” on the SSO connect menu on each server.

From the Keeper Cloud perspective, there is no primary or secondary SSO Connect server in an HA configuration. There is a single SSO Connect data back up (per SSO Connect provisioning instance) that synchronizes to all the servers architected for HA.

Do not delete the SSO Connect provisioning instance on the Admin Console. Doing so will remove the configuration and orphan your SSO Connect servers.

Last updated