[keycloak-user] Proxying and changing port.
Kevin Thorpe
kevin.thorpe at p-i.net
Fri Sep 18 09:25:53 EDT 2015
Still struggling with wrapping Keycloak under nginx. Keycloak runs on our
internal infrastructure
on port 8443 because it's a right pain to get it on port 443.
Now some of our clients have restrictive firewalls that only allow 80 and
443 so I'm trying to
proxy it on port 443 in Nginx so we have a single pont of contact. It
doesn't work.
Chrome is giving ERR_RESPONSE_HEADERS_TRUNCATED and I'm not sure why.
Redirect is happening properly as shown from an AWS client:
52.21.xxx.xxx - - [18/Sep/2015:14:23:49 +0100] xxxx.pibenchmark.com "GET /
HTTP/1.1" 009 7 "-" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/45.0.2454.93 Safari/537.36" "10.20.13.184:8443"
Can Keycloak not handle the difference in ports? I'm really struggling to
understand here.
nginx config:
# login-uat server
server {
listen 10.20.13.11:443;
server_name xxxx.pibenchmark.com;
ssl on;
# ssl key bits
client_max_body_size 10G;
location / {
proxy_pass http://login-uat-cluster;
}
}
# only one of these will be working but nginx should be able to work out
which
upstream login-uat-cluster {
server keycloak.pibenchmark.com:8443;
}
*Kevin Thorpe*
CTO
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20150918/24c4eac6/attachment.html
More information about the keycloak-user
mailing list