Re: [keycloak-user] Problem with Keys

Hi Marek, thanks for the response! Of course we use specific docker image (at this moment jboss/keycloak-postgres:3.2.1.Final), so database is persistent, but (checked twice) RSA and also HMAC from "Realm settings -> Keys" are different after rebooting the Keycloak's docker. The only additional thing we do in dockerfile is adding our User Federation's provider. Do you see any mistake that we could do?

Karol On 02.01.2018 17:21, Marek Posolda wrote: > Hi, > > isn't the problem that your whole database is always "restarted" > during each keycloak reboot? Or that you always force reimport > things? If you use docker image pointed to shared database, you won't > see this problem though. We have docker images for databases like > PostgreSQL, MySQL AFAIR. > > Marek > > On 02/01/18 10:27, Karol Buler wrote: >> Hi Keycloak community! >> >> At the beginning I would wish you a Happy New Year! :) >> >> About the problem... If we run Keycloak as a docker, every time >> Keycloak >> is rebooted the Keys (Realm Setting -> Keys) are generated again. >> Result >> is that each application which use Keycloak's adapter throws "Didn't >> find publicKey for specified kid" error. This error occurs because the >> Keys are not rotated in right way, and application does not know about >> the rotation. >> >> Have you met this problem? What is your workaround? Is it an issue? >> >> Best regards, >> Karol >> >> [https://www.adbglobal.com/wp-content/uploads/adb.png] >> adbglobal.com<https://www.adbglobal.com> >> >> _______________________________________________ >> keycloak-user mailing list >> keycloak-user(a)lists.jboss.org >> https://lists.jboss.org/mailman/listinfo/keycloak-user > >