[keycloak-user] Setting up SSL certificate on keycloak container

Sebastian Laskawiec slaskawi at redhat.com
Mon May 6 03:43:40 EDT 2019


The problem is probably with the .csr file. The container expects tls.cer,
which is basically the Certificate itself rather than Certificate Signing
Request.

On Mon, Apr 29, 2019 at 10:18 AM Francesco Longo <
francesco.longo at linksfoundation.com> wrote:

> Good morning! I have a problem setting up keycloak on a docker container,
> using portainer, installing the SSL certificate.
>
>   *   I installed from portainer the official jboss keycloak image (5.0.0)
> setting up the internal 8443 port (in this case it recognize to use HTTPS).
>   *   I have my 2 files (.csr and .key certificates) placed on the
> /etc/x509/https folder of the docker container.
>
> I have some errors:
>
>   *   Connecting to the keycloak:port/auth I get the error: "Error code:
> SSL_ERROR_NO_CYPHER_OVERLAP" and I cannot connect to that page...
>   *   Performing a request to my application that is protected by keycloak
> I get a response error:
> "Error: write EPROTO 140495380186944:error:14077410:SSL
> routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake
> failure:../deps/openssl/openssl/ssl/s23_clnt.c:802:"...
>
> Can somebody help me? What's wrong with the SSL configuration on the
> keycloak side?
>
> [LINKS Foundation]
>
> Facebook<https://www.facebook.com/linksfoundation/> | Twitter<
> https://twitter.com/linksfoundation> | LinkedIn<
> https://www.linkedin.com/company/links-%E2%80%93-leading-innovation-&-knowledge-for-society/
> >
>
> Francesco Longo
> Rsearcher | Linksfoundation.com<https://linksfoundation.com/>
> T. +39 0112276440
> francesco.longo at linksfoundation.com<mailto:
> nome.cognome at linksfoundation.com>
>
> Personal account: LinkedIn<https://www.linkedin.com/in/france193/> |
> Skype<https://join.skype.com/invite/jt9vIqDeuk6G>
>
> ________________________________
> [Please consider the environment]
>
> Rispetta l'ambiente, pensa prima di stampare questa e-mail
> Please consider the environment before printing this email
>
>
> ________________________________
>
> Questo documento è formato esclusivamente per il destinatario. Tutte le
> informazioni ivi contenute, compresi eventuali allegati, sono da ritenere
> esclusivamente confidenziali e riservate secondo i termini del vigente
> D.Lgs. 196/2003 in materia di privacy e del Regolamento europeo 679/2016
> -GDPR- e quindi ne è proibita l'utilizzazione ulteriore non autorizzata. Se
> avete ricevuto per errore questo messaggio, Vi preghiamo cortesemente di
> contattare immediatamente il mittente e cancellare la e-mail. Grazie.
>
> Confidentiality Notice - This e-mail message including any attachments is
> for the sole use of the intended recipient and may contain confidential and
> privileged information pursuant to Legislative Decree 196/2003 and the
> European General Data Protection Regulation 679/2016 -GDPR-. Any
> unauthorized review, use, disclosure or distribution is prohibited. If you
> are not the intended recipient, please contact the sender by reply e-mail
> and destroy all copies of the original message.
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>


More information about the keycloak-user mailing list