jakob
Reputation: 41
SSL is required to authenticate keycloak behind traefik
I have the problem that my spring application with the keycloak adapter give me this warning:
SSL is required to authenticate. Remote address IP is secure: false, SSL required for: EXTERNAL .
The keycloak address is with https
Every request to my backend is blocked with a 401 Error and this warning in the console.
Keycloak is behind a reverse proxy: traefik
I also tried to remove the headers with traefik:
- traefik.http.middlewares.sso.headers.customrequestheaders.X-Forwarded-For=
- traefik.http.middlewares.sso.headers.customrequestheaders.X-Forwarded-Proto=
- traefik.http.middlewares.sso.headers.customrequestheaders.X-Forwarded-Host=
- traefik.http.middlewares.sso.headers.customrequestheaders.X-Real-IP=
Edit: I can fix it with keycloak.ssl-required = none and also in the admin panel but is this safe?
Upvotes: 3
Views: 5069
Answers (1)
Jan Garaj
Reputation: 28696
keycloak.ssl-required = none is definetly not a secure work around. There is Keycloak doc, which describe how to configure it properly:
Upvotes: 1
Related Questions
- Configure Spring Boot integrate Keycloak with SSL
- KeyCloak - Spring boot only get requests work
- SSL passthrough with Traefik
- Spring Boot + Keycloak using private certificate
- Setting up Traefik with Keycloak returns 500
- traefik's tls: client didn't provide a certificate when accessing https endpoint
- Traefik basic auth does not work with HTTPS
- HTTP and HTTPS with keycloack + spring
- Traefik - Cannot use self sign certificates
- keycloak (spring boot) Not authenticating REST endpoint