[keycloak-user] Keycloak on Openshift with custom domain and SSL certificate

Stian Thorgersen sthorger at redhat.com
Tue Mar 1 02:44:34 EST 2016

You need to configure a truststore for the adapter. See

On 29 February 2016 at 13:57, Mark Hayen <m.hayen at first8.nl> wrote:

> Hi,
> We're running our application on Openshift Online.
> Of course it is secured by keycloak running in the same gear.
> The openshift webconsole offers the possibility to import the
> certificate etc.
> but when trying to access the application it throws the following error.
> ERROR [org.keycloak.adapters.OAuthRequestAuthenticator] (default
> task-48) failed to turn code into token:
> javax.net.ssl.SSLHandshakeException:
> sun.security.validator.ValidatorException: PKIX path building failed:
>   sun.security.provider.certpath.SunCertPathBuilderException: unable to
> find valid certification path to requested target
> What do I have to do to enable keycloak to find the stuf it needs?
> Thank you
> Mark Hayen
> first8.nl
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160301/b77e57c8/attachment-0001.html 

More information about the keycloak-user mailing list