[keycloak-user] Help Needed on X509 Certificate Authentication with keycloak behind Nginx reverse proxy

Tuesday, 9 January 2018

Hello,

I am running into the exact issue described in a previous thread, and was wondering if
there have been any updates made in the recent releases that fix this issue.

http://lists.jboss.org/pipermail/keycloak-user/2017-September/011905.html

Like Thomas in that thread, everything works with the ngninx reverse proxy, but when I go
through the proxy I'm unable to login.

If I use the following line in my proxy configuration" proxy_set_header X-SSL-CERT
$ssl_client_raw_cert", I just get a blank page with no html codes or anything.

If I use $ssl_client_cert instead, I get redirected to the username/password login as if
there wasn't a client certificate.

I am currently using 3.1.0, but upgraded to Wildfly 11.

Thanks,
Matt McShea

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

[keycloak-user] Help Needed on X509 Certificate Authentication with keycloak behind Nginx reverse proxy