[keycloak-user] Keycloak Standalone SSL

Phillip Fleischer pcfleischer at outlook.com
Tue Aug 29 04:31:27 EDT 2017 

Another possibility is your only bound to the local ip. You could try starting with -b 0.0.0.0 or the external ip explicitly.   I think you can also change the xml configuration if you don't want to add -b.


________________________________
From: keycloak-user-bounces at lists.jboss.org <keycloak-user-bounces at lists.jboss.org> on behalf of christian lutz <christianlutz at inovel.de>
Sent: Tuesday, August 29, 2017 1:57:53 AM
To: keycloak-user at lists.jboss.org
Subject: Re: [keycloak-user] Keycloak Standalone SSL

Hello Levine,

I guess your are just using the wrong port.
Please try 8443 (inofficial) or 443 official https ports.


Christian



-------- Original Message --------
Subject: [keycloak-user] Keycloak Standalone SSL (29. August 2017, 01:43)
From:    Y Levine <ylevine20 at gmail.com>
To:      christianlutz at inovel.de

> I have the latest version of Keycloak running on a Red Hat Linux7 (all
> server specs followed).
>
> Added SSL via following steps here:
> http://www.keycloak.org/docs/1.9/server_installation_guide/topics/network/
> https.html
>
> All seems good to this stage (standalone startup logs below).
>
> However the following are not accessible remotely (firewalld, and all other
> firewalls checked out)
>
> http://server-name:8080/auth
> https://server-name:8080/auth
>
> Have I missed other setting?
>
>
>
>
>
> =========================================================================
>
>   JBoss Bootstrap Environment
>
>   JBOSS_HOME: /opt/keycloak-3.2.1.Final
>
>   JAVA: /opt/jdk1.8.0_144/bin/java
>
>   JAVA_OPTS:  -server -Xms64m -Xmx512m -XX:MetaspaceSize=96M
> -XX:MaxMetaspaceSize=256m -Djava.net.preferIPv4Stack=true
> -Djboss.modules.system.pkgs=org.jboss.byteman -Djava.awt.headless=true
>
> =========================================================================
>
> 15:45:44,940 INFO  [org.jboss.modules] (main) JBoss Modules version
> 1.5.1.Final
> 15:45:45,138 INFO  [org.jboss.msc] (main) JBoss MSC version 1.2.6.Final
> 15:45:45,230 INFO  [org.jboss.as] (MSC service thread 1-4) WFLYSRV0049:
> Keycloak 3.2.1.Final (WildFly Core 2.0.10.Final) starting
> 15:45:46,633 INFO  [org.jboss.as.server] (Controller Boot Thread)
> WFLYSRV0039: Creating http management service using socket-binding
> (management-http)
> 15:45:46,681 INFO  [org.xnio] (MSC service thread 1-4) XNIO version
> 3.3.4.Final
> 15:45:46,692 INFO  [org.xnio.nio] (MSC service thread 1-4) XNIO NIO
> Implementation Version 3.3.4.Final
> 15:45:46,760 INFO  [org.jboss.as.connector.subsystems.datasources]
> (ServerService Thread Pool -- 27) WFLYJCA0004: Deploying JDBC-compliant
> driver class org.h2.Driver (version 1.3)
> 15:45:46,842 INFO  [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 32) WFLYCLINF0001: Activating Infinispan subsystem.
> 15:45:46,861 INFO  [org.wildfly.extension.io] (ServerService Thread Pool --
> 31) WFLYIO001: Worker 'default' has auto-configured to 4 core threads with
> 32 task threads based on your 2 available processors
> 15:45:46,903 INFO  [org.jboss.as.connector] (MSC service thread 1-1)
> WFLYJCA0009: Starting JCA Subsystem (WildFly/IronJacamar 1.3.2.Final)
> 15:45:46,909 INFO  [org.jboss.as.connector.deployers.jdbc] (MSC service
> thread 1-2) WFLYJCA0018: Started Driver service with driver-name = h2
> 15:45:46,978 WARN  [org.jboss.as.txn] (ServerService Thread Pool -- 45)
> WFLYTX0013: Node identifier property is set to the default value. Please
> make sure it is unique.
> 15:45:46,995 INFO  [org.jboss.as.naming] (ServerService Thread Pool -- 40)
> WFLYNAM0001: Activating Naming Subsystem
> 15:45:47,011 INFO  [org.jboss.as.jsf] (ServerService Thread Pool -- 38)
> WFLYJSF0007: Activated the following JSF Implementations: [main]
> 15:45:47,054 INFO  [org.wildfly.extension.undertow] (ServerService Thread
> Pool -- 46) WFLYUT0003: Undertow 1.3.15.Final starting
> 15:45:47,070 INFO  [org.wildfly.extension.undertow] (MSC service thread
> 1-1) WFLYUT0003: Undertow 1.3.15.Final starting
> 15:45:47,074 INFO  [org.jboss.as.naming] (MSC service thread 1-1)
> WFLYNAM0003: Starting Naming Service
> 15:45:47,074 INFO  [org.jboss.as.mail.extension] (MSC service thread 1-1)
> WFLYMAIL0001: Bound mail session [java:jboss/mail/Default]
> 15:45:47,107 INFO  [org.jboss.remoting] (MSC service thread 1-4) JBoss
> Remoting version 4.0.18.Final
> 15:45:47,370 INFO  [org.jboss.as.security] (ServerService Thread Pool --
> 44) WFLYSEC0002: Activating Security Subsystem
> 15:45:47,376 INFO  [org.jboss.as.security] (MSC service thread 1-3)
> WFLYSEC0001: Current PicketBox version=4.9.4.Final
> 15:45:47,395 INFO  [org.wildfly.extension.undertow] (ServerService Thread
> Pool -- 46) WFLYUT0014: Creating file handler for path
> '/opt/keycloak-3.2.1.Final/welcome-content' with options
> [directory-listing: 'false', follow-symlink: 'false', case-sensitive:
> 'true', safe-symlink-paths: '[]']
> 15:45:47,416 INFO  [org.wildfly.extension.undertow] (MSC service thread
> 1-3) WFLYUT0012: Started server default-server.
> 15:45:47,417 INFO  [org.wildfly.extension.undertow] (MSC service thread
> 1-3) WFLYUT0018: Host default-host starting
> 15:45:47,485 INFO  [org.wildfly.extension.undertow] (MSC service thread
> 1-3) WFLYUT0006: Undertow HTTP listener default listening on 127.0.0.1:8080
> 15:45:47,571 INFO  [org.jboss.as.ejb3] (MSC service thread 1-4)
> WFLYEJB0481: Strict pool slsb-strict-max-pool is using a max instance size
> of 32 (per class), which is derived from thread worker pool sizing.
> 15:45:47,571 INFO  [org.jboss.as.ejb3] (MSC service thread 1-3)
> WFLYEJB0482: Strict pool mdb-strict-max-pool is using a max instance size
> of 8 (per class), which is derived from the number of CPUs on this host.
> 15:45:48,065 INFO  [org.infinispan.factories.GlobalComponentRegistry] (MSC
> service thread 1-1) ISPN000128: Infinispan version: Infinispan 'Mahou'
> 8.1.0.Final
> 15:45:48,110 INFO  [org.jboss.as.server.deployment] (MSC service thread
> 1-4) WFLYSRV0027: Starting deployment of "keycloak-server.war"
> (runtime-name: "keycloak-server.war")
> 15:45:48,111 INFO  [org.jboss.as.connector.subsystems.datasources] (MSC
> service thread 1-4) WFLYJCA0001: Bound data source
> [java:jboss/datasources/KeycloakDS]
> 15:45:48,112 INFO  [org.jboss.as.connector.subsystems.datasources] (MSC
> service thread 1-4) WFLYJCA0001: Bound data source
> [java:jboss/datasources/ExampleDS]
> 15:45:48,162 INFO  [org.jboss.as.server.deployment.scanner] (MSC service
> thread 1-2) WFLYDS0013: Started FileSystemDeploymentService for directory
> /opt/keycloak-3.2.1.Final/standalone/deployments
> 15:45:48,726 INFO  [org.wildfly.extension.undertow] (MSC service thread
> 1-3) WFLYUT0006: Undertow HTTPS listener https listening on 127.0.0.1:8443
> 15:45:48,788 INFO  [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 57) WFLYCLINF0002: Started loginFailures cache from keycloak
> container
> 15:45:48,803 INFO  [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 50) WFLYCLINF0002: Started sessions cache from keycloak
> container
> 15:45:48,806 INFO  [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 52) WFLYCLINF0002: Started realms cache from keycloak
> container
> 15:45:48,792 INFO  [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 51) WFLYCLINF0002: Started work cache from keycloak
> container
> 15:45:48,813 INFO  [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 48) WFLYCLINF0002: Started actionTokens cache from keycloak
> container
> 15:45:48,815 INFO  [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 49) WFLYCLINF0002: Started authorization cache from keycloak
> container
> 15:45:48,815 INFO  [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 53) WFLYCLINF0002: Started authenticationSessions cache from
> keycloak container
> 15:45:48,816 INFO  [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 55) WFLYCLINF0002: Started users cache from keycloak
> container
> 15:45:48,817 INFO  [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 54) WFLYCLINF0002: Started offlineSessions cache from
> keycloak container
> 15:45:48,817 INFO  [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 56) WFLYCLINF0002: Started keys cache from keycloak
> container
> 15:45:49,729 INFO  [org.keycloak.services] (ServerService Thread Pool --
> 51) KC-SERVICES0001: Loading config from standalone.xml or domain.xml
> 15:45:50,238 INFO  [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 51) WFLYCLINF0002: Started realmRevisions cache from
> keycloak container
> 15:45:50,245 INFO  [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 51) WFLYCLINF0002: Started userRevisions cache from keycloak
> container
> 15:45:50,256 INFO  [org.jboss.as.clustering.infinispan] (ServerService
> Thread Pool -- 51) WFLYCLINF0002: Started authorizationRevisions cache from
> keycloak container
> 15:45:53,247 INFO  [org.hibernate.jpa.internal.util.LogHelper]
> (ServerService Thread Pool -- 51) HHH000204: Processing PersistenceUnitInfo
> [
>     name: keycloak-default
>     ...]
> 15:45:53,299 INFO  [org.hibernate.Version] (ServerService Thread Pool --
> 51) HHH000412: Hibernate Core {5.0.7.Final}
> 15:45:53,300 INFO  [org.hibernate.cfg.Environment] (ServerService Thread
> Pool -- 51) HHH000206: hibernate.properties not found
> 15:45:53,302 INFO  [org.hibernate.cfg.Environment] (ServerService Thread
> Pool -- 51) HHH000021: Bytecode provider name : javassist
> 15:45:53,331 INFO  [org.hibernate.annotations.common.Version]
> (ServerService Thread Pool -- 51) HCANN000001: Hibernate Commons
> Annotations {5.0.1.Final}
> 15:45:53,458 INFO  [org.hibernate.dialect.Dialect] (ServerService Thread
> Pool -- 51) HHH000400: Using dialect: org.hibernate.dialect.H2Dialect
> 15:45:53,464 WARN  [org.hibernate.dialect.H2Dialect] (ServerService Thread
> Pool -- 51) HHH000431: Unable to determine H2 database version, certain
> features may not work
> 15:45:53,503 INFO  [org.hibernate.envers.boot.internal.EnversServiceImpl]
> (ServerService Thread Pool -- 51) Envers integration enabled? : true
> 15:45:54,069 INFO  [org.hibernate.validator.internal.util.Version]
> (ServerService Thread Pool -- 51) HV000001: Hibernate Validator 5.2.3.Final
> 15:45:54,780 INFO
> [org.hibernate.hql.internal.QueryTranslatorFactoryInitiator] (ServerService
> Thread Pool -- 51) HHH000397: Using ASTQueryTranslatorFactory
> 15:45:56,143 INFO  [org.jboss.resteasy.resteasy_jaxrs.i18n] (ServerService
> Thread Pool -- 51) RESTEASY002225: Deploying javax.ws.rs.core.Application:
> class org.keycloak.services.resources.KeycloakApplication
> 15:45:56,144 INFO  [org.jboss.resteasy.resteasy_jaxrs.i18n] (ServerService
> Thread Pool -- 51) RESTEASY002205: Adding provider class
> org.keycloak.services.filters.KeycloakTransactionCommitter from Application
> class org.keycloak.services.resources.KeycloakApplication
> 15:45:56,145 INFO  [org.jboss.resteasy.resteasy_jaxrs.i18n] (ServerService
> Thread Pool -- 51) RESTEASY002200: Adding class resource
> org.keycloak.services.resources.ThemeResource from Application class
> org.keycloak.services.resources.KeycloakApplication
> 15:45:56,145 INFO  [org.jboss.resteasy.resteasy_jaxrs.i18n] (ServerService
> Thread Pool -- 51) RESTEASY002200: Adding class resource
> org.keycloak.services.resources.JsResource from Application class
> org.keycloak.services.resources.KeycloakApplication
> 15:45:56,145 INFO  [org.jboss.resteasy.resteasy_jaxrs.i18n] (ServerService
> Thread Pool -- 51) RESTEASY002220: Adding singleton resource
> org.keycloak.services.resources.RealmsResource from Application class
> org.keycloak.services.resources.KeycloakApplication
> 15:45:56,146 INFO  [org.jboss.resteasy.resteasy_jaxrs.i18n] (ServerService
> Thread Pool -- 51) RESTEASY002220: Adding singleton resource
> org.keycloak.services.resources.admin.AdminRoot from Application class
> org.keycloak.services.resources.KeycloakApplication
> 15:45:56,146 INFO  [org.jboss.resteasy.resteasy_jaxrs.i18n] (ServerService
> Thread Pool -- 51) RESTEASY002210: Adding provider singleton
> org.keycloak.services.util.ObjectMapperResolver from Application class
> org.keycloak.services.resources.KeycloakApplication
> 15:45:56,146 INFO  [org.jboss.resteasy.resteasy_jaxrs.i18n] (ServerService
> Thread Pool -- 51) RESTEASY002220: Adding singleton resource
> org.keycloak.services.resources.WelcomeResource from Application class
> org.keycloak.services.resources.KeycloakApplication
> 15:45:56,146 INFO  [org.jboss.resteasy.resteasy_jaxrs.i18n] (ServerService
> Thread Pool -- 51) RESTEASY002220: Adding singleton resource
> org.keycloak.services.resources.RobotsResource from Application class
> org.keycloak.services.resources.KeycloakApplication
> 15:45:56,146 INFO  [org.jboss.resteasy.resteasy_jaxrs.i18n] (ServerService
> Thread Pool -- 51) RESTEASY002220: Adding singleton resource
> org.keycloak.services.resources.ServerVersionResource from Application
> class org.keycloak.services.resources.KeycloakApplication
> 15:45:56,225 INFO  [org.wildfly.extension.undertow] (ServerService Thread
> Pool -- 51) WFLYUT0021: Registered web context: /auth
> 15:45:56,274 INFO  [org.jboss.as.server] (ServerService Thread Pool -- 47)
> WFLYSRV0010: Deployed "keycloak-server.war" (runtime-name :
> "keycloak-server.war")
> 15:45:56,390 INFO  [org.jboss.as] (Controller Boot Thread) WFLYSRV0060:
> Http management interface listening on http://127.0.0.1:9990/management
> 15:45:56,390 INFO  [org.jboss.as] (Controller Boot Thread) WFLYSRV0051:
> Admin console listening on http://127.0.0.1:9990
> 15:45:56,390 INFO  [org.jboss.as] (Controller Boot Thread) WFLYSRV0025:
> Keycloak 3.2.1.Final (WildFly Core 2.0.10.Final) started in 11793ms -
> Started 448 of 823 services (561 services are lazy, passive or on-demand)
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user


_______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user

More information about the keycloak-user mailing list