[keycloak-dev] Enable SSL by default

Bill Burke bburke at redhat.com
Thu Jul 31 08:53:48 EDT 2014


So hardcode the localhost requirement?  That would work.  The switch 
would be "require ssl" or "non-encrypted localhost only"

On 7/31/2014 5:40 AM, Stian Thorgersen wrote:
> To make sure no-one goes of and uses Keycloak in production without HTTPS we should require SSL by default. To still allow developers to play with Keycloak without having to configure HTTPS first we should allow non-HTTPS if accessed via localhost only.
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>

-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com


More information about the keycloak-dev mailing list