<div dir="ltr">Thx. <div><br></div><div>Remark : This is only required for a demo as currently the Apiman-gateway Kubernetes App doesn't run as HTTPS Server but only as HTTP Server. I will make the modifications next week to be able to use it as HTTP or HTTPS Server by adding Openshift Route with TLS Termination passthrough</div><div class="gmail_extra"><div><div class="gmail_signature"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div style="color:rgb(74,74,74);font-weight:bold;font-family:'Liberation Sans','Open Sans',sans-serif;line-height:22.4px"><span></span></div></div></div></div></div></div></div></div></div></div></div></div></div></div>
<br><div class="gmail_quote">On Fri, May 13, 2016 at 1:05 PM, Marc Savy <span dir="ltr"><<a href="mailto:marc.savy@redhat.com" target="_blank">marc.savy@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">On 12 May 2016 at 22:30, Charles Moulliard <<a href="mailto:cmoullia@redhat.com">cmoullia@redhat.com</a>> wrote:<br>
> Can we disable SSL/TLS when we use Keycloak Oauth plugin to avoid this<br>
> message ""OAuth2 token was transmitted without required transport security<br>
> (TLS, SSL)." ?<br>
<br>
</span>Yes, you should be able to untick "require transport security" or edit<br>
your policy's JSON config (see:<br>
<a href="http://www.apiman.io/latest/user-guide.html#_oauth_policy_keycloak" rel="noreferrer" target="_blank">http://www.apiman.io/latest/user-guide.html#_oauth_policy_keycloak</a>).<br>
<br>
It's generally not a good idea to use OAuth2 without transport<br>
security, however.<br>
</blockquote></div><br></div></div>