[keycloak-user] Keycloak with apache in front

mj lists at merit.unu.edu
Thu May 31 04:21:03 EDT 2018


This apache2 vhost.conf (under debian 8) works for us:

> <VirtualHost *:443>
>                 ServerAdmin webmaster at company.com
>                 ServerName keycloak.company.com
>                 DocumentRoot /var/www/html
> 
>     RewriteEngine On
>     RewriteCond %{REQUEST_URI} ^/$
>     RewriteRule ^/.*$ https://id.company.com/auth/realms/domain/account
> 
>     ProxyPreserveHost       On
>     ProxyVia                Off
>     ProxyRequests           Off
>     ProxyPass               /       "http://localhost:8080/"
>     ProxyPassReverse        /       "http://localhost:8080/"
> 
>     RequestHeader set X-Forwarded-Proto "https"
>     RequestHeader set X-Forwarded-Port "443"
> 
> <Proxy *>
>     Order deny,allow
>     Allow from all
> </Proxy>
> 
>                 # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
>                 # error, crit, alert, emerg.
>                 # It is also possible to configure the loglevel for particular
>                 # modules, e.g.
>                 LogLevel debug ssl:warn
> 
>                 ErrorLog ${APACHE_LOG_DIR}/keycloak-error.log
>                 CustomLog ${APACHE_LOG_DIR}/keycloak-access.log combined
> 
> 
>                 #   SSL Engine Switch:
>                 #   Enable/Disable SSL for this virtual host.
>                 SSLEngine on
>                 SSLCertificateFile      /etc/ssl/apache2/cert.pem
>                 SSLCertificateKeyFile /etc/ssl/apache2/cert.key
>                 SSLCertificateChainFile /etc/ssl/apache2/fullchain.pem
> 
> </VirtualHost>

Perhaps it will help you.

MJ


More information about the keycloak-user mailing list