[keycloak-user] TLS configuration issues with 4.5.0
Balazs Kovacs
balazskov at gmail.com
Sat Nov 10 11:52:46 EST 2018
Hi,
I run a test instance of keycloak from public docker hub.
I'm able to set up the server with TLS on default port 8443 up until KC
4.3.0 with my own certificates. I did not try with 4.4.0, but 4.5.0 never
succeeds and ends up with an auto-generated self-signed certificate in any
case.
I attached the standalone.xml configuration I use. When I turn on DEBUG log
level, I get the below suspicious error that I thought is related:
10:07:51,880 DEBUG [org.jboss.as.domain.management] (MSC service thread 1-2) Starting 'ApplicationRealm' Security Realm Service
10:07:52,028 DEBUG [org.jboss.modcluster] (MSC service thread 1-1) MODCLUSTER000005: Received add context event for default-host:/wildfly-services
10:07:52,032 DEBUG [org.jboss.modcluster] (MSC service thread 1-1) MODCLUSTER000007: Received start context event for default-host:/wildfly-services
10:07:52,124 DEBUG [io.undertow] (MSC service thread 1-1) JDK9 ALPN not supported: java.lang.NoSuchMethodException: javax.net.ssl.SSLParameters.setApplicationProtocols([Ljava.lang.String;)
    at java.lang.Class.getMethod(Class.java:1786)
    at io.undertow.protocols.alpn.JDK9AlpnProvider$1.run(JDK9AlpnProvider.java:47)
    at io.undertow.protocols.alpn.JDK9AlpnProvider$1.run(JDK9AlpnProvider.java:43)
    at java.security.AccessController.doPrivileged(Native Method)
    at io.undertow.protocols.alpn.JDK9AlpnProvider.<clinit>(JDK9AlpnProvider.java:43)
    at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
    at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
    at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
    at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
    at java.lang.Class.newInstance(Class.java:442)
    at java.util.ServiceLoader$LazyIterator.nextService(ServiceLoader.java:380)
    at java.util.ServiceLoader$LazyIterator.next(ServiceLoader.java:404)
    at java.util.ServiceLoader$1.next(ServiceLoader.java:480)
    at io.undertow.protocols.alpn.ALPNManager.<init>(ALPNManager.java:40)
    at io.undertow.protocols.alpn.ALPNManager.<clinit>(ALPNManager.java:35)
    at io.undertow.server.protocol.http.AlpnOpenListener.<init>(AlpnOpenListener.java:68)
    at io.undertow.server.protocol.http.AlpnOpenListener.<init>(AlpnOpenListener.java:94)
    at org.wildfly.extension.undertow.HttpsListenerService.createAlpnOpenListener(HttpsListenerService.java:123)
    at org.wildfly.extension.undertow.HttpsListenerService.createOpenListener(HttpsListenerService.java:108)
    at org.wildfly.extension.undertow.ListenerService.start(ListenerService.java:177)
    at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1736)
    at org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1698)
    at org.jboss.msc.service.ServiceControllerImpl$ControllerTask.run(ServiceControllerImpl.java:1556)
    at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
    at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985)
    at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487)
    at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1364)
    at java.lang.Thread.run(Thread.java:748)
Any idea what's going wrong with this version of keycloak docker image and
TLS setup?
Thanks,
Balazs
-------------- next part --------------
A non-text attachment was scrubbed...
Name: standalone-4.5.0.xml
Type: text/xml
Size: 32110 bytes
Desc: not available
Url : http://lists.jboss.org/pipermail/keycloak-user/attachments/20181110/9bc9b821/attachment-0001.xml