By PK certificate authentication do you mean mutual SSL? If so it's on our radar, but not a high priority as we haven't had demand for it. It may take a while until we get around to it.

You may also be able to implement it yourself using a custom authenticator and a root CA certificate added to the underlying Undertow/WildFly.

On 5 June 2016 at 16:31, Peter Nalyvayko <petervn1@yahoo.com> wrote:

Hi again,
Judging from the silence regarding my question about a support for PK certificate user authentication in keycloak I guess I must assume that PK certificate authentication is not supported out of the box.

>Sent: Wednesday, June 1, 2016 1:19 PM
>Subject: Fw: Are there plans to implement PK Certificate user authentication?

>Hello,
>
>Cross-posting...We are considering using keycloak as an STS (Secure Token Service). One of the requirements is PK >certificate user authentication. It seems the only supported user authentication mechanism in keycloak is user >credentials (user name / password). Before rolling out our own implementation, I just want to make sure I am not >missing something obvious and that PK authentication is indeed not supported in keycloak yet.
>Regards,
>Peter

_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user