Hi Ali,
I think by default the http module in nodejs doesn't support self-signed
certificates. Can you try adding this in the nodejs code:
process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";
Thanks.
On Thu, Apr 12, 2018 at 3:51 PM, Ali Ok <aliok(a)redhat.com> wrote:
Resending, after subscribing to Keycloak user list
----------------------------------
(also adding Keycloak ML)
Hi,
I am trying to integrate a Node application with a Keycloak instance
running on my local OpenShift cluster.
Node app uses the Keycloak client in this Gist: [1]
Here is the keycloak.json file used in Node app: [2]
When I pass a valid token to the Node app, Keycloak middleware on the Node
app side is trying to get the public key from Keycloak, I see there is
"self signed certificate in certificate chain" error when Keycloak lib
tries to do this:
"
// retrieve public KEY and use it to validate token
this.rotation.getJWK(token.header.kid).then(key => {
"
here:
https://github.com/keycloak/keycloak-nodejs-connect/blob/master/middleware/auth-utils/grant-manager.js#L359
2 questions:
- How can I configure client and the Node app to have the public key
already, so that it doesn't go and fetch the public key?
- If question above doesn't make sense (I can be considered a beginner in
this area), how can I make middleware to work with a self signed cert
Keycloak instance?
I prefer the first approach.
Thanks,
Ali
[1]: https://gist.github.com/aliok/8ae2c9d240d09367b59e491677400a96
[2]: https://gist.github.com/aliok/23e93794847ef3493893627ca68e9650
--
WEI LI
Principal SOFTWARE ENGINEER
Red Hat Mobile <https://www.redhat.com/>
weil(a)redhat.com M: +353862393272
<https://red.ht/sig>
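
Added example (not part of the thread and not code from keycloak-nodejs-connect): a sketch of the first approach asked about above, checking an RS256 token against a public key the application already holds, so no key is fetched over TLS. Setting NODE_TLS_REJECT_UNAUTHORIZED to "0" turns off certificate verification for every TLS connection the process makes, whereas keycloak-nodejs-connect can instead be given the key through a `realm-public-key` entry in keycloak.json. The key pair, claims, `kid` value and function names below are constructed for illustration.

```javascript
// Local RS256 verification against a pinned realm public key (added example).
const crypto = require('node:crypto');

const b64url = (data) => Buffer.from(data).toString('base64url');

// Constructed stand-in for the realm's signing key; a real deployment would
// copy the realm's public key out of Keycloak instead of generating one.
const realmKeys = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const pinnedPublicKeyPem = realmKeys.publicKey.export({ type: 'spki', format: 'pem' });

// Sign a sample token the way the identity provider would (constructed claims).
function signSampleToken(claims, privateKey, alg = 'RS256') {
  const header = b64url(JSON.stringify({ alg, typ: 'JWT', kid: 'constructed-kid' }));
  const signed = `${header}.${b64url(JSON.stringify(claims))}`;
  const sig = crypto.sign('RSA-SHA256', Buffer.from(signed), privateKey);
  return `${signed}.${b64url(sig)}`;
}

// Verify with the pinned key only: no JWKS request is made, so signature
// checking does not depend on a TLS connection to Keycloak.
function verifyWithPinnedKey(token, publicKeyPem, nowSeconds = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return { ok: false, reason: 'malformed' };
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(parts[0], 'base64url').toString('utf8'));
    claims = JSON.parse(Buffer.from(parts[1], 'base64url').toString('utf8'));
  } catch (err) {
    return { ok: false, reason: 'malformed' };
  }
  // The verifier fixes the algorithm; it is never chosen by the token header.
  if (!header || header.alg !== 'RS256') return { ok: false, reason: 'unexpected alg' };
  const valid = crypto.verify('RSA-SHA256', Buffer.from(`${parts[0]}.${parts[1]}`),
    publicKeyPem, Buffer.from(parts[2], 'base64url'));
  if (!valid) return { ok: false, reason: 'bad signature' };
  if (!claims || typeof claims.exp !== 'number' || claims.exp <= nowSeconds) return { ok: false, reason: 'expired' };
  return { ok: true, claims };
}
```

A pinned key has to be updated by hand whenever the realm rotates its signing key, which is the trade-off against fetching keys by `kid`.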