Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Unable to config keycloak if use https
See original GitHub issueDescription
If config https to run che by use nightly image, it can’t access keycloak by run /scripts/keycloak_config.sh in keycloak pod, Because there is no https config in keycloak_config.sh
I can access https://keycloak-domaim/auth on chrome.
Reproduction Steps
config keycloak by run job
apiVersion: batch/v1
kind: Job
metadata:
name: keycloak-configure-job
spec:
template:
spec:
initContainers:
- name: wait-for-keycloak
image: <my>/alphine:3.5
command: ["sh", "-c", " adresses_length=0; until [ $adresses_length -gt 0 ]; do echo waiting for keycloak to be ready...; sleep 2; endpoints=`curl -s --cacert /var/run/secrets/kubernetes.io/serviceaccount/ca.crt -H \"Authorization: Bearer $(cat /var/run/secrets/kubernetes.io/serviceaccount/token)\" https://kubernetes.default.svc/api/v1/namespaces/$POD_NAMESPACE/endpoints/keycloak`; adresses_length=`echo $endpoints | jq -r \".subsets[]?.addresses // [] | length\"`; done;"]
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
containers:
- name: keycloak-configure-job
image: eclipse/che-keycloak:nightly
command: ["/scripts/keycloak_config.sh"]
env:
- name: HTTP_PROTOCOL
value: "https"
- name: KC_HOST
value: <domain>
- name: CHE_KEYCLOAK_ADMIN_REQUIRE_UPDATE_PASSWORD
value: "true"
- name: CHE_HOST
value: <domain>
serviceAccountName: che-keycloak
restartPolicy: Never
#backoffLimit: 4
OS and version:
all image of che: nightly
Diagnostics:
Issue Analytics
- State:
- Created 5 years ago
- Comments:20 (5 by maintainers)
Top Results From Across the Web
Unable to run keycloak in https - Stack Overflow
1 Answer 1 ... You need to add the new security realm element using CLI tools. Do refer to this official documentation for...
Read more >Problem with HTTPS - Configuring the server - Keycloak
Hi, guys… I generated my valid certificate (https://www.sslforfree.com) to my keycloak, however I am not able to install it in any way. I'm...
Read more >Configuring TLS - Keycloak
In this guide, you will learn how to configure Keycloak to use HTTPS/TLS. ... ask for certificates and fail if no certificate is...
Read more >Unable to enable SSL in Keycloack 16.1.0 standalone
I need some help in configuring SSL. Steps I performed. Configured Keycloak in an Azure Windows VM (having a DNS mapped to public...
Read more >Bug #26449: [keycloak] Unable to generate the initial ...
[keycloak] Unable to generate the initial configuration for SAML authentication if keycloak user needs OTP · 1. Create user in keycloak. · 2....
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
@mjshashank
In the -env section for the keycloak deployment add this: {{- if .Values.global.tls.enabled }} - name: PROXY_ADDRESS_FORWARDING value: “true” {{- end }}
@eivantsov
Setting PROXY_ADDRESS_FORWARDING to true in the keycloak deployment fixed this issue for me in my GKE install.