This repository has been archived by the owner on Apr 17, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 1
Configure HTTPS for Keycloak on RHEL 6.6
Attila Levente EGYEDI edited this page Mar 9, 2016
·
25 revisions
###Make keystore accessible for Keycloak
gocedar
cd CEDAR_CA
cp keycloak.jks $KEYCLOAK_HOME/standalone/configuration/
###Modify Keycloak configuration
cd $KEYCLOAK_HOME/standalone/configuration/
vi standalone.xml
Locate the <security-realms> element, and add the below to that block
Note: make sure to replace secret with the actual password!
<security-realm name="UndertowRealm">
<server-identities>
<ssl>
<keystore path="keycloak.jks" relative-to="jboss.server.config.dir" keystore-password="secret" />
</ssl>
</server-identities>
</security-realm>
Locate the <server name="default-server"> element, add this line below the default http listener
<https-listener name="https" socket-binding="https" security-realm="UndertowRealm"/>
Locate the <socket-binding-group element. You probably will need to modify the already existing https port. Change the line to the following:
<socket-binding name="https" port="${jboss.https.port:8543}"/>
###Verify the configuration
Start the server
gokk
./bin/standalone.sh
You will not be able to test the https port of keycloak from a browser at this moment, so please test it from the command line on the server:
lynx https://auth.metadatacenter.net:8543/