Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

[KC 17.0.1] Blank admin console with a self-signed cert

See original GitHub issue

Describe the bug

Logging into the admin console presents a blank page after the page header.

Version

17.0.1

Expected behavior

After logging in with the admin account, I’d expect to see the admin console.

Actual behavior

I’m able to access the server’s web pages both on http (port 8080) and https (port 8443), however in both cases after logging in with the admin account, I’m presented with the admin console that contains the top banner and a blank page, both locally and from a remote workstation.

How to Reproduce?

I’m running Keycloak 17.0.1 on a Windows Server 2016 server, and have generated a self-signed certificate as follows:

keytool -genkey -keyalg RSA -alias selfsigned -keystore .\conf\server.keystore -storepass password -validity 360 -keysize 2048

I’ve run a build of the server with this command:

.\bin\kc.bat build --db mssql --transaction-xa-enabled=false

I’ve set the following environment variable:

$Env:KC_HOSTNAME_STRICT_HTTPS='false'

I then start the server with this command:

.\bin\kc.bat start `
   --db-url-host=SERVERNAME `
   --db-url-database=DBNAME `
   --db-username=DBUSER `
   --db-password=DBPASSWORD `
   --db-schema=dbo `
   --hostname=SERVERNAME `
   --hostname-strict-https=false `
   --http-enabled=true

Anything else?

No response

Issue Analytics

State:
Created a year ago
Reactions:1
Comments:13 (5 by maintainers)

Top GitHub Comments

1reaction

DGuhrcommented, Apr 7, 2022

@mcattle i could reproduce that behaviour and found it unsatisfying, so created #11134 to do better. hopefully it can make it to v18, trying to come up with sth today that lowers ALL_CAPS hostnames and then checks for actual validity (atm it is also possible to use non-compliant hostnames with e.g. more than 253 characters)

update: ok, after learning that nothing is ever easy, especially not international hostnames, IDN, upper/lowercase behaviour in different languages, I closed the PR I had with a not-sufficient solution and will update the docs instead for now 😅

1reaction

ssmtlbncommented, Mar 30, 2022

I’ve the same issue with 17.0.1 in a Docker container based on Alpine (latest). The following env vars are set:

KC_DB=postgres 
KC_DB_SCHEMA=schema
KC_DB_URL_HOST=dbhost
KC_DB_URL_DATABASE=dbname
KC_DB_USERNAME=dbuser
KC_DB_PASSWORD=dbpass
KEYCLOAK_ADMIN=kcadmin
KEYCLOAK_ADMIN_PASSWORD=kcadminpw
KC_HOSTNAME=host.de
KC_HTTP_ENABLED=true
KC_PROXY=edge
KC_HTTP_RELATIVE_PATH=/auth

Same setup / configuration with 17.0.0 is working.