[keycloak-user] Help - two issues

Stian Thorgersen sthorger at redhat.com
Tue Jun 28 09:41:18 EDT 2016


On 23 June 2016 at 21:05, <James_Saxton at ao.uscourts.gov> wrote:

> Good Day,
>
> Today I was trying to front-end KeyCloak with Apache.
> Background
> Keycloak 1.9.5 is installed successfully on linix, I can tuunel to it and
> log in using admin creds I set up.
>
> I installed a webserver and configured SSL for the webserver and Keycloak
> as outlined in *3.2.6. SSL/HTTPS Requirement/Modes*  through *3.2.8.2. Configure
> Wildfly undertow subsystem*
> I restarted the webserver and the keycloak server.
> The webserver shows the credential  pop up stating the site is "strictly
> private".  Creds do not allow me to log in through a webserver, only if I
> use the SSH tunnel.
> Not sure were to go - the instruction are pretty simple, I suspect a
> config issue - not sure where though.
>

If you have a reverse proxy configured in front of Keycloak you need to
configure it correctly. Please refer to
https://keycloak.gitbooks.io/server-installation-and-configuration/content/topics/clustering/load-balancer.html,
specifically "Enable HTTPS/SSL with a Reverse Proxy".


>
> Second issue, using the SSH tunnel, I enable require "ALL SSL"  as a test
> knowing full well I could get locked out completely.  How can I reset the
> require ALL SSL without using the console?
>

You'll have to change it directly in the database.


>
> Thanks in advance.
>
> James Saxton
> Software Infrastructure Division
> Administrative Office of the U.S. Courts
> One Columbus Circle, N.E.
> Washington, DC 20544
> (C) 908-910-5566
> *Teamwork makes the dream work!*
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160628/5ce83a0c/attachment.html 


More information about the keycloak-user mailing list