[keycloak-user] Signing Keys in a cluster

prab rrrr prabhalar at yahoo.com
Sat Jan 17 08:54:35 EST 2015


 Hi,
I am in the process of setting up a cluster of keycloak instances, all of which are accessible by a single url (fronted by a reverse proxy or an alias). So when a client application communicates with the single url using either SAML or Openid Connect, how do we ensure that all the keycloak instances use the same set of certificates/keys to sign/encrypt the SAML/OpenID Connect response?
Noticed that we can generate a new set of keys for each realm within Keycloak instance but they are different across different instances. Is there a way of using the same certificate/keys across all the instances?
Appreciate any input.
Thanks,Raghu
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20150117/ca12c062/attachment-0001.html 


More information about the keycloak-user mailing list