2:59 p.m.
Hello,
I am configuring an OpenShift v3 identity provider on Keycloak using an
Ansible playbook. I have created the identity provider successfully.
After filling in my OpenShift username and password I see an "Unexpected
error when authenticating with identity provider" error from Keycloak. This
is due to the self signed certificates of the OpenShift development cluster
I am using (using oc cluster up).
I am looking for an option to ignore these errors when in a development
environment.
I have read about the 'disable-trust-manager' option, from what I
understand this can be set in development environments to avoid these
errors. However, I am not fully clear on how to use it and how to configure
it. Can this option be set using the REST API?
Any help would be greatly appreciated.
Thanks,
Aiden Keating
2:01 a.m.
I don't think Keycloak server supports the 'disable-trust-manager' option.
Keycloak adapters do, but that doesn't help you with the OpenShift IdP.
Here's details on how to configure Keycloak server truststore:
http://www.keycloak.org/docs/latest/server_installation/index.html#outgoi...
You'd probably need to import your self-signed certificate to make it work.
On 14 January 2018 at 21:59, Aiden Keating <akeating(a)redhat.com> wrote:
Hello,
I am configuring an OpenShift v3 identity provider on Keycloak using an
Ansible playbook. I have created the identity provider successfully.
After filling in my OpenShift username and password I see an "Unexpected
error when authenticating with identity provider" error from Keycloak. This
is due to the self signed certificates of the OpenShift development cluster
I am using (using oc cluster up).
I am looking for an option to ignore these errors when in a development
environment.
I have read about the 'disable-trust-manager' option, from what I
understand this can be set in development environments to avoid these
errors. However, I am not fully clear on how to use it and how to configure
it. Can this option be set using the REST API?
Any help would be greatly appreciated.
Thanks,
Aiden Keating
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev
2:38 a.m.
Apologies for not following up on this thread sooner.
After reading up a bit further on the topic I ended up configuring the
trust store.
Thanks,
Aiden
On Mon, Jan 22, 2018 at 8:01 AM, Stian Thorgersen <sthorger(a)redhat.com>
wrote:
I don't think Keycloak server supports the
'disable-trust-manager'
option. Keycloak adapters do, but that doesn't help you with the OpenShift
IdP.
Here's details on how to configure Keycloak server truststore:
http://www.keycloak.org/docs/latest/server_installation/
index.html#outgoing-http-requests
You'd probably need to import your self-signed certificate to make it work.
On 14 January 2018 at 21:59, Aiden Keating <akeating(a)redhat.com> wrote:
> Hello,
>
> I am configuring an OpenShift v3 identity provider on Keycloak using an
> Ansible playbook. I have created the identity provider successfully.
>
> After filling in my OpenShift username and password I see an "Unexpected
> error when authenticating with identity provider" error from Keycloak.
> This
> is due to the self signed certificates of the OpenShift development
> cluster
> I am using (using oc cluster up).
>
> I am looking for an option to ignore these errors when in a development
> environment.
>
> I have read about the 'disable-trust-manager' option, from what I
> understand this can be set in development environments to avoid these
> errors. However, I am not fully clear on how to use it and how to
> configure
> it. Can this option be set using the REST API?
>
> Any help would be greatly appreciated.
>
> Thanks,
> Aiden Keating
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
2530
days inactive
2538
days old
2 comments
2 participants
participants (2)
-
Aiden Keating -
Stian Thorgersen