[keycloak-user] keycloak-gatekeeper https question

Sankar P sankar.curiosity at gmail.com
Tue Oct 22 10:02:13 EDT 2019


Hi,

I have setup keycloak and keycloak-gatekeeper as two pods in a kubernetes
setup. I have setup an nginx controller to frontend these.

Now, when keycloak-gatekeeper is getting launched, I pass:

helm install gatekeeper --set discovery_url="http://keycloak-svc"

Where `keycloak-svc` is the service URL for the keycloak service. However,
when a browser request is made, this url gets sent to the browser where
this cannot be resolved (as it is internal to the kubernetes cluster).

Instead of this url, if I pass:

helm install gatekeeper --set discovery_url="https://ingress_ip/auth"

which is the keycloak public url via the ingress, then there is a different
issue as:

https certificate for `https://ingress_ip` could not be verified.

How do I fix this ? Is there anyway I can ask kavach-gatekeeper to ignore
certificate validations for keycloak discovery_url ?

Thanks.



-- 
Sankar P
http://psankar.blogspot.com


More information about the keycloak-user mailing list