[keycloak-user] keycloak-gatekeeper https question
Sankar P
sankar.curiosity at gmail.com
Tue Oct 22 10:02:13 EDT 2019
Hi,
I have setup keycloak and keycloak-gatekeeper as two pods in a kubernetes
setup. I have setup an nginx controller to frontend these.
Now, when keycloak-gatekeeper is getting launched, I pass:
helm install gatekeeper --set discovery_url="http://keycloak-svc"
Where `keycloak-svc` is the service URL for the keycloak service. However,
when a browser request is made, this url gets sent to the browser where
this cannot be resolved (as it is internal to the kubernetes cluster).
Instead of this url, if I pass:
helm install gatekeeper --set discovery_url="https://ingress_ip/auth"
which is the keycloak public url via the ingress, then there is a different
issue as:
https certificate for `https://ingress_ip` could not be verified.
How do I fix this ? Is there anyway I can ask kavach-gatekeeper to ignore
certificate validations for keycloak discovery_url ?
Thanks.
--
Sankar P
http://psankar.blogspot.com
More information about the keycloak-user
mailing list