[keycloak-user] Nginx SSL endpoint login form action url uses wrong http scheme
Juraci Paixão Kröhling
juraci at kroehling.de
Thu Mar 24 08:48:57 EDT 2016
On 24.03.2016 12:20, Gary Smith wrote:
> Issue is the Keycloak login form action, it's url is using the http
> scheme rather than https so as a result login fails.
Is the login page being served under HTTPS? If so, then you might be
missing some nginx "proxy_set_header" directives in the configuration
file. Here's what I have on my nginx:
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
Besides that, you'll need to add "proxy-address-forwarding" and
"redirect-socket" to the HTTP listener, as well as add a socket-binding
for the proxy port 443. It's described here, under "3.2.7.2.1. Configure
WildFly":
http://keycloak.github.io/docs/userguide/keycloak-server/html_single/index.html#d4e348
If your login page is under HTTP, instead of HTTPS, then you might need
to adjust the server-url on the keycloak.json.
- Juca.
More information about the keycloak-user
mailing list