需要Keycloak Docker HTTPS [英] Keycloak Docker HTTPS required

问题描述

我已经初始化 https://hub.docker.com/r/jboss/keycloak/在我的Digital Ocean Docker Droplet上.

I have initialized https://hub.docker.com/r/jboss/keycloak/ on my Digital Ocean Docker Droplet.

$docker run -e KEYCLOAK_USER=admin -e -p 8080:8080 KEYCLOAK_PASSWORD={password with upcase etc.} jboss/keycloak

成功

一切正常，服务器在端口:8080上的Droplet IP地址中启动.

Everything worked well and the server started in the Droplets IP address on a port :8080.

当我从URL中的UI进入管理控制台时，问题开始了.出现一条消息:需要HTTPS".这是一个实际的问题，我找到的唯一解决方案是从控制台登录到Keycloak，并更改不带UI的管理控制台中HTTPS = required的设置.

Problems started when I entered the admin console from the UI in the URL. There was a message: "HTTPS required". This was a real issue and the only solution I have found is to login to the Keycloak from the console and to change the setting of HTTPS=required from admin console without the UI.

然后我为Docker容器打开了bash:

I then opened the bash for my Docker container :

$docker exec -it keycloak bash

成功

当我输入命令以登录keycloak/bin文件夹时:

As I entered my command to login in the keycloak/bin folder:

cd keycloak/bin

keycloak/bin $./kcadm.sh config credentials --server http://<droplet IP>:8080/auth --realm master --user admin --password {password with upcase etc.}

bash冻结并在一段时间后发出超时消息

the bash freezes and gives a timeout message after some time

完成bash登录的原因如下:

Reason for logging in from bash would be complete this:

keycloak/bin $ ./kcadm.sh update realms/master -s sslRequired=NONE.

有望解决最初要求的HTTPS问题.

which would hopefully solve the original problem of HTTPS required.

推荐答案

发布端口8443(HTTPS)并使用它代替8080(HTTP):

Publish port 8443 (HTTPS) and use it instead of 8080 (HTTP):

docker run \
  --name keycloak \
  -e KEYCLOAK_USER=myadmin \
  -e KEYCLOAK_PASSWORD=mypassword \
  -p 8443:8443 \
  jboss/keycloak

Keycloak在此设置中为https生成自签名证书.当然，这不是生产设置.

Keycloak generates self signed cert for https in this setup. Of course, this is not a production setup.

更新

将卷用于自己的TLS证书:

Use volumes for own TLS certificate:

  -v /<path>/tls.crt:/etc/x509/https/tls.crt \
  -v /<path>/tls.key:/etc/x509/https/tls.key \

这篇关于需要Keycloak Docker HTTPS的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！