[keycloak-user] Keycloak 1.9.0 CR1 not serving javascript in https when fronted with Apache2 and mod_proxy_ajp

Stian Thorgersen sthorger at redhat.com
Tue Feb 23 08:36:49 EST 2016


Did you configure Keycloak according to
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-installation.html#d4e386
?

On 23 February 2016 at 14:28, Michael Mok <teatimej at gmail.com> wrote:

> Hi
>
>
> Not sure if I missed any thing here. But I am getting the following error
> when fronting keycloak 1.9.0 CR1 with Apache http server. I am running
> keycloak 1.9.0 CR1 with Wildfly 10. it is a bug or something I missed in
> my configuration. My setup is browser -> https -> Apache2 -> ajp ->
> keycloak 1.9.CR1.
>
> The setup and files are taken from keycloak-1.9.0.CR1.tar.gz with no
> modification apart from adding the ajp listener on start port 8009.
>
> Any idea? Thanks.
>
> but requested an insecure script '
> http://demo.test.com/auth/resources/1.9.0.cr1/admin/keycloak/js/controllers/realm.js'.
> This request has been blocked; the content must be served over HTTPS.
> demo.test.com/:1 Mixed Content: The page at '
> https://demo.test.com/auth/admin/master/console/' was loaded over HTTPS,
> but requested an insecure script '
> http://demo.test.com/auth/resources/1.9.0.cr1/admin/keycloak/js/controllers/clients.js'.
> This request has been blocked; the content must be served over HTTPS.
> demo.test.com/:1 Mixed Content: The page at '
> https://demo.test.com/auth/admin/master/console/' was loaded over HTTPS,
> but requested an insecure script '
> http://demo.test.com/auth/resources/1.9.0.cr1/admin/keycloak/js/controllers/users.js'.
> This request has been blocked; the content must be served over HTTPS.
> demo.test.com/:1 Mixed Content: The page at '
> https://demo.test.com/auth/admin/master/console/' was loaded over HTTPS,
> but requested an insecure script '
> http://demo.test.com/auth/resources/1.9.0.cr1/admin/keycloak/js/controllers/groups.js'.
> This request has been blocked; the content must be served over HTTPS.
> demo.test.com/:1 Mixed Content: The page at '
> https://demo.test.com/auth/admin/master/console/' was loaded over HTTPS,
> but requested an insecure script '
> http://demo.test.com/auth/resources/1.9.0.cr1/admin/keycloak/js/loaders.js'.
> This request has been blocked; the content must be served over HTTPS.
> demo.test.com/:1 Mixed Content: The page at '
> https://demo.test.com/auth/admin/master/console/' was loaded over HTTPS,
> but requested an insecure script '
> http://demo.test.com/auth/resources/1.9.0.cr1/admin/keycloak/js/services.js'.
> This request has been blocked; the content must be served over HTTPS.
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160223/9ae9e27c/attachment.html 


More information about the keycloak-user mailing list