<div dir="ltr">







<p class="">I am using Keycloak Beta 1 Snapshot as my SSO but when any user logs in it gives a 403 forbidden and the error shown below. Any idea what went wrong?</p><p class=""><br></p><p class="">ERROR [org.keycloak.adapters.OAuthRequestAuthenticator] (default task-7) failed to turn code into token: <span class="">javax.net.ssl.SSLPeerUnverifiedException</span>: peer not authenticated</p>

<p class=""><span class="">        </span>at sun.security.ssl.SSLSessionImpl.getPeerCertificates(<span class="">SSLSessionImpl.java:397</span>) [jsse.jar:1.7.0_45]</p>
<p class=""><span class="">        </span>at org.apache.http.conn.ssl.AbstractVerifier.verify(<span class="">AbstractVerifier.java:128</span>)</p>
<p class=""><span class="">        </span>at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(<span class="">SSLSocketFactory.java:572</span>)</p>
<p class=""><span class="">        </span>at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(<span class="">DefaultClientConnectionOperator.java:180</span>)</p>
<p class=""><span class="">        </span>at org.apache.http.impl.conn.AbstractPoolEntry.open(<span class="">AbstractPoolEntry.java:151</span>)</p>
<p class=""><span class="">        </span>at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(<span class="">AbstractPooledConnAdapter.java:125</span>)</p>
<p class=""><span class="">        </span>at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(<span class="">DefaultRequestDirector.java:640</span>)</p>
<p class=""><span class="">        </span>at org.apache.http.impl.client.DefaultRequestDirector.execute(<span class="">DefaultRequestDirector.java:479</span>)</p>
<p class=""><span class="">        </span>at org.apache.http.impl.client.AbstractHttpClient.execute(<span class="">AbstractHttpClient.java:906</span>)</p>
<p class=""><span class="">        </span>at org.apache.http.impl.client.AbstractHttpClient.execute(<span class="">AbstractHttpClient.java:805</span>)</p>
<p class=""><span class="">        </span>at org.apache.http.impl.client.AbstractHttpClient.execute(<span class="">AbstractHttpClient.java:784</span>)</p>
<p class=""><span class="">        </span>at org.keycloak.adapters.ServerRequest.invokeAccessCodeToToken(<span class="">ServerRequest.java:78</span>) [keycloak-adapter-core-1.0-beta-1-SNAPSHOT.jar:]</p>
<p class=""><span class="">        </span>at org.keycloak.adapters.ServerRequest.invokeAccessCodeToToken(<span class="">ServerRequest.java:55</span>) [keycloak-adapter-core-1.0-beta-1-SNAPSHOT.jar:]</p>
<p class=""><span class="">        </span>at org.keycloak.adapters.OAuthRequestAuthenticator.resolveCode(<span class="">OAuthRequestAuthenticator.java:256</span>) [keycloak-adapter-core-1.0-beta-1-SNAPSHOT.jar:]</p>
<p class=""><span class="">        </span>at org.keycloak.adapters.OAuthRequestAuthenticator.authenticate(<span class="">OAuthRequestAuthenticator.java:205</span>) [keycloak-adapter-core-1.0-beta-1-SNAPSHOT.jar:]</p>
<p class=""><span class="">        </span>at org.keycloak.adapters.RequestAuthenticator.authenticate(<span class="">RequestAuthenticator.java:59</span>) [keycloak-adapter-core-1.0-beta-1-SNAPSHOT.jar:]</p>
<p class=""><span class="">        </span>at org.keycloak.adapters.undertow.ServletKeycloakAuthMech.authenticate(<span class="">ServletKeycloakAuthMech.java:38</span>) [keycloak-undertow-adapter-1.0-beta-1-SNAPSHOT.jar:]</p>
<p class=""><span class="">        </span>at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(<span class="">SecurityContextImpl.java:281</span>) [undertow-core-1.0.0.Final.jar:1.0.0.Final]</p>
<p class=""><span class="">        </span>at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(<span class="">SecurityContextImpl.java:298</span>) [undertow-core-1.0.0.Final.jar:1.0.0.Final]</p>
<p class=""><span class="">        </span>at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.access$100(<span class="">SecurityContextImpl.java:268</span>) [undertow-core-1.0.0.Final.jar:1.0.0.Final]</p>
<p class=""><span class="">        </span>at io.undertow.security.impl.SecurityContextImpl.attemptAuthentication(<span class="">SecurityContextImpl.java:131</span>) [undertow-core-1.0.0.Final.jar:1.0.0.Final]</p>
<p class=""><span class="">        </span>at io.undertow.security.impl.SecurityContextImpl.authTransition(<span class="">SecurityContextImpl.java:106</span>) [undertow-core-1.0.0.Final.jar:1.0.0.Final]</p>
<p class=""><span class="">        </span>at io.undertow.security.impl.SecurityContextImpl.authenticate(<span class="">SecurityContextImpl.java:99</span>) [undertow-core-1.0.0.Final.jar:1.0.0.Final]</p>
<p class=""><span class="">        </span>at io.undertow.security.handlers.AuthenticationCallHandler.handleRequest(<span class="">AuthenticationCallHandler.java:50</span>) [undertow-core-1.0.0.Final.jar:1.0.0.Final]</p>
<p class=""><span class="">        </span>at io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(<span class="">AuthenticationConstraintHandler.java:51</span>) [undertow-core-1.0.0.Final.jar:1.0.0.Final]</p>

<p class=""><span class="">        </span>at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(<span class="">AbstractConfidentialityHandler.java:45</span>) [undertow-core-1.0.0.Final.jar:1.0.0.Final]</p>

<p class=""><span class="">        </span>at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(<span class="">ServletConfidentialityConstraintHandler.java:61</span>) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final]</p>

<p class=""><span class="">        </span>at io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(<span class="">ServletSecurityConstraintHandler.java:56</span>) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final]</p>

<p class=""><span class="">        </span>at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(<span class="">AuthenticationMechanismsHandler.java:58</span>) [undertow-core-1.0.0.Final.jar:1.0.0.Final]</p>

<p class=""><span class="">        </span>at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(<span class="">CachedAuthenticatedSessionHandler.java:70</span>) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final]</p>

<p class=""><span class="">        </span>at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(<span class="">SecurityInitialHandler.java:76</span>) [undertow-core-1.0.0.Final.jar:1.0.0.Final]</p>
<p class=""><span class="">        </span>at io.undertow.server.handlers.PredicateHandler.handleRequest(<span class="">PredicateHandler.java:25</span>) [undertow-core-1.0.0.Final.jar:1.0.0.Final]</p>
<p class=""><span class="">        </span>at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(<span class="">JACCContextIdHandler.java:61</span>)</p>
<p class=""><span class="">        </span>at io.undertow.server.handlers.PredicateHandler.handleRequest(<span class="">PredicateHandler.java:25</span>) [undertow-core-1.0.0.Final.jar:1.0.0.Final]</p>
<p class=""><span class="">        </span>at org.keycloak.adapters.undertow.ServletPreAuthActionsHandler.handleRequest(<span class="">ServletPreAuthActionsHandler.java:54</span>) [keycloak-undertow-adapter-1.0-beta-1-SNAPSHOT.jar:]</p>

<p class=""><span class="">        </span>at io.undertow.server.handlers.PredicateHandler.handleRequest(<span class="">PredicateHandler.java:25</span>) [undertow-core-1.0.0.Final.jar:1.0.0.Final]</p>
<p class=""><span class="">        </span>at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(<span class="">ServletInitialHandler.java:240</span>) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final]</p>
<p class=""><span class="">        </span>at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(<span class="">ServletInitialHandler.java:227</span>) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final]</p>
<p class=""><span class="">        </span>at io.undertow.servlet.handlers.ServletInitialHandler.access$000(<span class="">ServletInitialHandler.java:73</span>) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final]</p>
<p class=""><span class="">        </span>at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(<span class="">ServletInitialHandler.java:146</span>) [undertow-servlet-1.0.0.Final.jar:1.0.0.Final]</p>
<p class=""><span class="">        </span>at io.undertow.server.Connectors.executeRootHandler(<span class="">Connectors.java:168</span>) [undertow-core-1.0.0.Final.jar:1.0.0.Final]</p>
<p class=""><span class="">        </span>at io.undertow.server.HttpServerExchange$1.run(<span class="">HttpServerExchange.java:687</span>) [undertow-core-1.0.0.Final.jar:1.0.0.Final]</p>
<p class=""><span class="">        </span>at java.util.concurrent.ThreadPoolExecutor.runWorker(<span class="">ThreadPoolExecutor.java:1145</span>) [rt.jar:1.7.0_45]</p>
<p class=""><span class="">        </span>at java.util.concurrent.ThreadPoolExecutor$Worker.run(<span class="">ThreadPoolExecutor.java:615</span>) [rt.jar:1.7.0_45]</p>
<p class=""><span class="">        </span>at java.lang.Thread.run(<span class="">Thread.java:744</span>) [rt.jar:1.7.0_45]</p></div>