需要Keycloak Docker HTTPS [英] Keycloak Docker HTTPS required
问题描述
我已经初始化 https://hub.docker.com/r/jboss/keycloak/在我的Digital Ocean Docker Droplet上.
I have initialized https://hub.docker.com/r/jboss/keycloak/ on my Digital Ocean Docker Droplet.
$docker run -e KEYCLOAK_USER=admin -e -p 8080:8080 KEYCLOAK_PASSWORD={password with upcase etc.} jboss/keycloak
成功
一切正常,服务器在端口:8080上的Droplet IP地址中启动.
Everything worked well and the server started in the Droplets IP address on a port :8080.
当我从URL中的UI进入管理控制台时,问题开始了.出现一条消息:需要HTTPS".这是一个实际的问题,我找到的唯一解决方案是从控制台登录到Keycloak,并更改不带UI的管理控制台中HTTPS = required的设置.
Problems started when I entered the admin console from the UI in the URL. There was a message: "HTTPS required". This was a real issue and the only solution I have found is to login to the Keycloak from the console and to change the setting of HTTPS=required from admin console without the UI.
然后我为Docker容器打开了bash:
I then opened the bash for my Docker container :
$docker exec -it keycloak bash
成功
当我输入命令以登录keycloak/bin文件夹时:
As I entered my command to login in the keycloak/bin folder:
cd keycloak/bin
keycloak/bin $./kcadm.sh config credentials --server http://<droplet IP>:8080/auth --realm master --user admin --password {password with upcase etc.}
bash冻结并在一段时间后发出超时消息
the bash freezes and gives a timeout message after some time
完成bash登录的原因如下:
Reason for logging in from bash would be complete this:
keycloak/bin $ ./kcadm.sh update realms/master -s sslRequired=NONE
.
有望解决最初要求的HTTPS问题.
which would hopefully solve the original problem of HTTPS required.
推荐答案
发布端口8443(HTTPS)并使用它代替8080(HTTP):
Publish port 8443 (HTTPS) and use it instead of 8080 (HTTP):
docker run \
--name keycloak \
-e KEYCLOAK_USER=myadmin \
-e KEYCLOAK_PASSWORD=mypassword \
-p 8443:8443 \
jboss/keycloak
Keycloak在此设置中为https生成自签名证书.当然,这不是生产设置.
Keycloak generates self signed cert for https in this setup. Of course, this is not a production setup.
更新
将卷用于自己的TLS证书:
Use volumes for own TLS certificate:
-v /<path>/tls.crt:/etc/x509/https/tls.crt \
-v /<path>/tls.key:/etc/x509/https/tls.key \
这篇关于需要Keycloak Docker HTTPS的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!