[keycloak-dev] Enable SSL by default
Bill Burke
bburke at redhat.com
Thu Jul 31 08:53:48 EDT 2014
So hardcode the localhost requirement? That would work. The switch
would be "require ssl" or "non-encrypted localhost only"
On 7/31/2014 5:40 AM, Stian Thorgersen wrote:
> To make sure no-one goes of and uses Keycloak in production without HTTPS we should require SSL by default. To still allow developers to play with Keycloak without having to configure HTTPS first we should allow non-HTTPS if accessed via localhost only.
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the keycloak-dev
mailing list