On 23 June 2016 at 21:05, <James_Saxton@ao.uscourts.gov> wrote:

Good Day,

Today I was trying to front-end KeyCloak with Apache.
Background
Keycloak 1.9.5 is installed successfully on linix, I can tuunel to it and log in using admin creds I set up.

I installed a webserver and configured SSL for the webserver and Keycloak as outlined in 3.2.6. SSL/HTTPS Requirement/Modes through 3.2.8.2. Configure Wildfly undertow subsystem
I restarted the webserver and the keycloak server.
The webserver shows the credential pop up stating the site is "strictly private". Creds do not allow me to log in through a webserver, only if I use the SSH tunnel.
Not sure were to go - the instruction are pretty simple, I suspect a config issue - not sure where though.

If you have a reverse proxy configured in front of Keycloak you need to configure it correctly. Please refer to https://keycloak.gitbooks.io/server-installation-and-configuration/content/topics/clustering/load-balancer.html, specifically "Enable HTTPS/SSL with a Reverse Proxy".

Second issue, using the SSH tunnel, I enable require "ALL SSL" as a test knowing full well I could get locked out completely. How can I reset the require ALL SSL without using the console?

You'll have to change it directly in the database.

Thanks in advance.

James Saxton
Software Infrastructure Division
Administrative Office of the U.S. Courts
One Columbus Circle, N.E.
Washington, DC 20544
(C) 908-910-5566
Teamwork makes the dream work!

_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user