<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<p>Hi</p>
<p>Just a few weeks ago I had to setup KC behind reverse proxy with
TLS and this tutorial did it for me:
<a class="moz-txt-link-freetext" href="http://mirocupak.com/configuring-wildfly-behind-a-reverse-proxy-with-tls/">http://mirocupak.com/configuring-wildfly-behind-a-reverse-proxy-with-tls/</a></p>
<p>I did have to disable HTTP redirect because it was causing
problems (read the comments).<br>
</p>
<br>
<div class="moz-cite-prefix">Predrag Mijatovic je 07. 09. 2016 ob
11:37 napisal:<br>
</div>
<blockquote
cite="mid:FFE2192B-0E5A-4140-970E-AAD7A6D45D12@gmail.com"
type="cite">
<pre wrap="">Hello,
I need help with Keycloak over HTTPS...I've started Keycloak with
"./standalone.sh -b 10.45.0.6". I have DNS name login.mysite.com <a class="moz-txt-link-rfc2396E" href="http://login.mysite.com/"><http://login.mysite.com/></a> which points to
NGINX listening on a public IP. NGINX is set up as a reverse proxy:
server {
ssl on;
listen 443;
server_name login.mysite.com <a class="moz-txt-link-rfc2396E" href="http://login.mysite.com/"><http://login.mysite.com/></a>;
ssl_verify_client off;
proxy_ssl_server_name on;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_pass <a class="moz-txt-link-freetext" href="http://10.45.0.6:8080">http://10.45.0.6:8080</a> <a class="moz-txt-link-rfc2396E" href="http://10.45.0.6:8080/"><http://10.45.0.6:8080/></a>;
}
}
I can successfully open <a class="moz-txt-link-freetext" href="https://login.mysite.com/auth/">https://login.mysite.com/auth/</a> <a class="moz-txt-link-rfc2396E" href="https://login.mysite.com/auth/"><https://login.mysite.com/auth/></a> (green padlock and
everything), but <a class="moz-txt-link-freetext" href="https://login.mysite.conf/auth/admin/master/console/">https://login.mysite.conf/auth/admin/master/console/</a> <a class="moz-txt-link-rfc2396E" href="https://login.mysite.conf/auth/admin/master/console/"><https://login.mysite.conf/auth/admin/master/console/></a> fails with
"{{notification.header}} {{notification.message}} Loading...". Inspecting the
web page I see that a lot of .js files are served over HTTP and the browser
complains about mixed content.
Reading the docs I figured that setting stuff on the side of reverse proxy is
enough? Do I need to do anything else?
Thanks
</pre>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
keycloak-user mailing list
<a class="moz-txt-link-abbreviated" href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a>
<a class="moz-txt-link-freetext" href="https://lists.jboss.org/mailman/listinfo/keycloak-user">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></pre>
</blockquote>
<br>
</body>
</html>