[keycloak-user] Testing Keycloak DynamicOP using openid.net

Hello. I’m reaching out to ask about the Conformance Testing Suite, available at http://openid.net/certification/testing/. At this time, we are evaluating Keycloak and some of the available OpenID Connect Libraries and Products, and would like to perform certification testing locally. So, the question is… do you have a breakdown of Keycloak configuration to allow for Conformance Testing in a local dev environment, i.e. localhost. I have tried to test and keep getting a connection refused error when I try the Dynamic Discovery and Registration test. To give some insight… I am using the oidctest repo locally I have keycloak running, no problem I’ve set realm to not require ssl I deleted all anonymous client registration policies But when I run the test, using the issuer ashttp://localhost:8080/auth/realms/master orhttps://localhost:8443/auth/realms/master, I get Discovery:OP-Response-Missing: status=ERROR, message=HTTPSConnectionPool(host='localhost', port=8443): Max retries exceeded with url: /auth/realms/master/.well-known/openid-configuration (Caused by NewConnectionError(': Failed to establish a new connection: [Errno 111] Connection refused',)) I also tried setting up a reverse proxy to handle ssl traffic, to no avail. I don’t have a problem, working with keycloak since I can curl most of the commands or use python requests, etc…And, really the point of this is to test(out-of-the-box) without having to alter any source code from Github. Hence, I’m reaching out to the source and I want to ask if you have a setup to allow keycloak to be tested on a local machine. -- Jonathan Carrasco (173F) Jet Propulsion Laboratory – California Institute of Technology