Hello Everybody,

I am new to Keycloak and playing around a little. I have a small REST service that I have deployed in the Keycloak server and am trying to secure it. This is how far I have gotten:

1) I got the basic auth running.
2) I was able to force SSL all through, using a truststore in the adapter and the necessary settings in standalone.xml.

To take a step further I added:
<authentication>
    <truststore path="server.truststore" relative-to="jboss.server.config.dir" keystore-password="mypassword"/>
</authentication>

to the security-realm which I used in step 2 to enable SSL, and added the truststore to the required directory. However, this partly broke the application. I can reach the master-realm login and admin console. When I go to the URL of the REST service I am redirected to the login page of my application realm. But after successfully logging in, I get a 403 Forbidden and a "SSLPeerUnverifiedException: peer not authenticated" error in the logs.

Does anyone have an idea why? The only thing that changed from one-way SSL to two-way SSL is the Undertow configuration. Why does it disturb the adapter?

Best,
Sahil