i managed to resolve the issue by setting. 
 "disable-trust-manager": true
now there are 2 more issues.

1) proxy is redirecting to actual app but is not consistent. sometimes can redirect but sometimes prompted a download file.

2) noticed 
KEYCLOAK_USERNAME is not set in the cookie


On Tue, Feb 24, 2015 at 12:25 PM, Chen Keong Yap <chenkeong.yap@izeno.com> wrote:

i've already added ssl cert to java cacerts. do you have any ideas what went wrong?



INFO: XNIO NIO Implementation Version 3.3.0.Final
Feb 24, 2015 12:23:54 PM org.keycloak.adapters.OAuthRequestAuthenticator resolve
Code
ERROR: failed to turn code into token
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
        at sun.security.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.ja
va:397)
        at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.jav
a:128)
        at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFact
ory.java:572)
        at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnect
ion(DefaultClientConnectionOperator.java:180)
        at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.ja
va:151)
        at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPool
edConnAdapter.java:125)
        at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(Default
RequestDirector.java:640)
        at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultReq
uestDirector.java:479)
        at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpCl
ient.java:906)
        at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpCl
ient.java:805)
        at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpCl
ient.java:784)
        at org.keycloak.adapters.ServerRequest.invokeAccessCodeToToken(ServerReq
uest.java:122)
        at org.keycloak.adapters.ServerRequest.invokeAccessCodeToToken(ServerReq
uest.java:95)
        at org.keycloak.adapters.OAuthRequestAuthenticator.resolveCode(OAuthRequ
estAuthenticator.java:261)
        at org.keycloak.adapters.OAuthRequestAuthenticator.authenticate(OAuthReq
uestAuthenticator.java:208)
        at org.keycloak.adapters.RequestAuthenticator.authenticate(RequestAuthen
ticator.java:90)

On Mon, Feb 23, 2015 at 6:31 PM, Chen Keong Yap <chenkeong.yap@izeno.com> wrote:

Just wondering is there any issues with the keycloak proxy. Step 4 and 5 not happening

On Feb 20, 2015 10:21 PM, "Schneider, John DODGE CONSULTING SERVICES, LLC" <John.Schneider@carrier.utc.com> wrote:

Hi,

 

I’m also experimenting with the proxy server.  Its working perfectly for some target URL’s, but I’m getting 404 errors for other known-valid URL’s.  No idea if this is the root cause or not, but I think there’s a correlation between target servers that serve virtual hosts and require either absolute paths in the HTTP GET, or the Host header as defined in HTTP 1.1.  The proxy seems to be fine whenever I can telnet to a server and receive a successful GET response without specifying the host.

 

Is there any way to trigger proxy  logging or more verbose output?  This would be very useful for troubleshooting this and other foreseeable issues.

 

Thanks,

John


_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user