6:09 a.m.
Hi all,
I am trying to import a custom jks keystore into keycloak in a Dockerfile
[1]. The problem is Wildfly uses the default self-signed certificate
instead.
Everything worked fine with Keycloak 4.1.0.Final. Something might have
broken in the latest version (I suspect the new Undertow server). Perhaps,
the documentation [2] should be updated.
Any help would be appreciated. Thanks in advance.
Regards,
Pavel Maslov, MS
[1] https://github.com/maslick/keycloak-docker
[2]
https://www.keycloak.org/docs/latest/server_installation/index.html#enabl...
6:41 a.m.
One thing to add: the problem is traced to migrating from 4.4.0 to 4.5.0
(4.4.0.Final is fine). Looking at the release notes [1] there seems to be
no major changes that could affect the SSL configuration.
Any ideas?
[1]
https://www.keycloak.org/docs/latest/release_notes/index.html#keycloak-4-...
Regards,
Pavel Maslov, MS
On Sun, Jan 27, 2019 at 1:09 PM Pavel Maslov <pavel.masloff(a)gmail.com>
wrote:
Hi all,
I am trying to import a custom jks keystore into keycloak in a Dockerfile
[1]. The problem is Wildfly uses the default self-signed certificate
instead.
Everything worked fine with Keycloak 4.1.0.Final. Something might have
broken in the latest version (I suspect the new Undertow server). Perhaps,
the documentation [2] should be updated.
Any help would be appreciated. Thanks in advance.
Regards,
Pavel Maslov, MS
[1] https://github.com/maslick/keycloak-docker
[2]
https://www.keycloak.org/docs/latest/server_installation/index.html#enabl...
7:22 a.m.
Attaching two files:
1. standalone.xml - the resulting keycloak configuration.
2. keycloak-ssl.log - keycloak log.
HTH
Regards,
Pavel Maslov, MS
On Sun, Jan 27, 2019 at 1:41 PM Pavel Maslov <pavel.masloff(a)gmail.com>
wrote:
One thing to add: the problem is traced to migrating from 4.4.0 to
4.5.0
(4.4.0.Final is fine). Looking at the release notes [1] there seems to be
no major changes that could affect the SSL configuration.
Any ideas?
[1]
https://www.keycloak.org/docs/latest/release_notes/index.html#keycloak-4-...
Regards,
Pavel Maslov, MS
On Sun, Jan 27, 2019 at 1:09 PM Pavel Maslov <pavel.masloff(a)gmail.com>
wrote:
> Hi all,
>
>
> I am trying to import a custom jks keystore into keycloak in a Dockerfile
> [1]. The problem is Wildfly uses the default self-signed certificate
> instead.
>
> Everything worked fine with Keycloak 4.1.0.Final. Something might have
> broken in the latest version (I suspect the new Undertow server). Perhaps,
> the documentation [2] should be updated.
>
> Any help would be appreciated. Thanks in advance.
>
> Regards,
> Pavel Maslov, MS
>
> [1] https://github.com/maslick/keycloak-docker
> [2]
>
https://www.keycloak.org/docs/latest/server_installation/index.html#enabl...
>
>
12:06 p.m.
Hello Pavel,
Starting with 4.5.0, Keycloak Docker image uses standalone-ha.xml by default. I guess this
is the issue. Unfortunately, this change was not documented, and you're not the first
one to step on this landmine.
Cheers,
Dmitry Telegin
CTO, Acutus s.r.o.
Keycloak Consulting and Training
Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
+42 (022) 888-30-71
E-mail: info(a)acutus.pro
On Sun, 2019-01-27 at 13:09 +0100, Pavel Maslov wrote:
Hi all,
I am trying to import a custom jks keystore into keycloak in a Dockerfile
[1]. The problem is Wildfly uses the default self-signed certificate
instead.
Everything worked fine with Keycloak 4.1.0.Final. Something might have
broken in the latest version (I suspect the new Undertow server). Perhaps,
the documentation [2] should be updated.
Any help would be appreciated. Thanks in advance.
Regards,
Pavel Maslov, MS
[1] https://github.com/maslick/keycloak-docker
[2]
https://www.keycloak.org/docs/latest/server_installation/index.html#enabl...
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
2:13 p.m.
Spasibo, Dmitry! That solved the issue :)
Regards,
Pavel Maslov, MS
On Sun, Jan 27, 2019 at 7:06 PM Dmitry Telegin <dt(a)acutus.pro> wrote:
Hello Pavel,
Starting with 4.5.0, Keycloak Docker image uses standalone-ha.xml by
default. I guess this is the issue. Unfortunately, this change was not
documented, and you're not the first one to step on this landmine.
Cheers,
Dmitry Telegin
CTO, Acutus s.r.o.
Keycloak Consulting and Training
Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
+42 (022) 888-30-71
E-mail: info(a)acutus.pro
On Sun, 2019-01-27 at 13:09 +0100, Pavel Maslov wrote:
> Hi all,
>
>
> I am trying to import a custom jks keystore into keycloak in a Dockerfile
> [1]. The problem is Wildfly uses the default self-signed certificate
> instead.
>
> Everything worked fine with Keycloak 4.1.0.Final. Something might have
> broken in the latest version (I suspect the new Undertow server).
Perhaps,
> the documentation [2] should be updated.
>
> Any help would be appreciated. Thanks in advance.
>
> Regards,
> Pavel Maslov, MS
>
> [1] https://github.com/maslick/keycloak-docker
> [2]
>
https://www.keycloak.org/docs/latest/server_installation/index.html#enabl...
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
2173
days inactive
2173
days old
4 comments
2 participants
participants (2)
-
Dmitry Telegin -
Pavel Maslov