I deployed a Keycloak instance in a docker container on Heroku. The app
is being served by Heroku load balancer over https.
The JBoss server options I provide are as follows:
-Djboss.bind.address=0.0.0.0 -Djboss.http.port=$PORT
However when I access the admin console I have this error in the browser:
===
The page at
'https://xxx.com/auth/realms/fasttrack/protocol/openid-connect/auth...
was loaded over a secure connection, but contains a form that targets an
insecure endpoint
'http://xxx.com/auth/realms/fasttrack/login-actions/authenticate?....
This endpoint should be made available over a secure connection.
===
why is that? How does Keycloak make a decision to request content over
HTTP when it was served over HTTPS?
Maybe there are some server settings I am missing?
As for setting "Require SSL=None" in the Keycloak admin panel - I
already did that. That didn't help.
--
Михаил Новиков
Ведущий разработчик
fstrk.io
Show replies by date