Keycloak Docker HTTPS required

鱼传尺愫 2020-12-03 13:56

I have initialized https://hub.docker.com/r/jboss/keycloak/ on my Digital Ocean Docker Droplet.

$docker run -e KEYCLOAK_USER=admin -e -p 8080:8080 KEYCLOAK_PA

4 Answers
  • 2020-12-03 14:28

    Publish port 8443 (HTTPS) and use it instead of 8080 (HTTP):

    docker run \
      --name keycloak \
      -e KEYCLOAK_USER=myadmin \
      -e KEYCLOAK_PASSWORD=mypassword \
      -p 8443:8443 \
      jboss/keycloak
    

    Keycloak generates a self-signed cert for HTTPS in this setup. Of course, this is not a production setup.


    Update

    Use volumes for your own TLS certificate:

      -v /<path>/tls.crt:/etc/x509/https/tls.crt \
      -v /<path>/tls.key:/etc/x509/https/tls.key \
    
  • 2020-12-03 14:44

    I also experienced bash freezing when trying to config credentials.

    Adding the --password argument to the config credentials command resulted in a successful execution:

    ./kcadm.sh config credentials --server http://localhost:8080/auth --realm master --user admin --password {YOUR_PASSWORD_HERE}
    

    Execute ./kcadm.sh config credentials for examples of secure/alternate ways to pass the argument.

  • 2020-12-03 14:49

    This was a solution that also granted access to the admin console with no security when using https://hub.docker.com/r/jboss/keycloak/ as a starting point and DigitalOcean as service provider:

    Start container:

    $ docker run {containerName}
    

    Open bash for container:

    $ docker exec -it {containerName} bash
    

    Move to:

    $ cd keycloak/bin
    

    Create a new admin user with:

    $ ./add-user-keycloak.sh --server http://{IP}:8080/admin \
        --realm master --user admin --password newpassword
    

    (not add-user.sh as suggested in many places)

    Restart the droplet in DigitalOcean etc. to activate the admin user created prior to the shutdown. After restarting the droplet, log in with:

    $ ./kcadm.sh config credentials --server http://localhost:8080/auth \
        --realm master --user admin
    

    Changing ssl settings on the realm:

    $ ./kcadm.sh update realms/master -s sslRequired=NONE
    

    This solution does not create any security but allows you to access the Admin console.

    After this it is suggested to start working on this: https://www.keycloak.org/docs/latest/server_installation/index.html#setting-up-https-ssl

    0 讨论(0)
  • 2020-12-03 14:54

    The following sequence of commands worked for me

    On the host VM:

    docker run --name key -d -p 8080:8080 -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD=admin jboss/keycloak
    docker exec -it key bash
    

    Inside the container:

    cd keycloak/bin/
    ./kcadm.sh config credentials --server http://localhost:8080/auth --realm master --user admin 
    Logging into http://localhost:8080/auth as user admin of realm master
    Enter password: admin
    ./kcadm.sh update realms/master -s sslRequired=NONE
    
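The `sslRequired` realm attribute that the answers above set to `NONE` accepts three values: `all`, `external` and `none`. The following is an added example, not code from any answer or from the Keycloak project: it models how each value treats a plain-HTTP request and audits a realm list for realms left on `none`. The local address ranges, the constructed sample JSON (shaped like a list of realm representations) and the function names are assumptions for illustration.

```python
import ipaddress
import json

# Approximation (assumption): ranges the "external" mode treats as local,
# i.e. loopback plus the RFC 1918 private networks.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "::1/128")]

def http_allowed(ssl_required, client_ip):
    """True if a plain-HTTP request from client_ip passes the realm's check."""
    mode = ssl_required.lower()
    if mode == "none":        # HTTPS never required
        return True
    if mode == "all":         # HTTPS required for every client
        return False
    if mode == "external":    # HTTPS required unless the client is local
        addr = ipaddress.ip_address(client_ip)
        return any(addr in net for net in LOCAL_NETS)
    raise ValueError(f"unknown sslRequired value: {ssl_required!r}")

def audit_realms(realms_json, client_ip):
    """Return (realm, mode, http_allowed, note) for each realm in the JSON list."""
    findings = []
    for realm in json.loads(realms_json):
        # Assumption: a realm without the attribute behaves as "external".
        mode = realm.get("sslRequired", "external")
        allowed = http_allowed(mode, client_ip)
        if mode.lower() == "none":
            note = "HTTPS not enforced: passwords and tokens may travel in cleartext"
        elif allowed:
            note = "HTTP accepted only because the client address is local"
        else:
            note = "HTTP rejected with 'HTTPS required'"
        findings.append((realm["realm"], mode, allowed, note))
    return findings

# Constructed sample: 'master' after sslRequired=NONE, 'apps' left on external.
SAMPLE_REALMS = json.dumps([
    {"realm": "master", "sslRequired": "none"},
    {"realm": "apps", "sslRequired": "external"},
])

if __name__ == "__main__":
    # 203.0.113.10 is a documentation address standing in for a public client.
    for row in audit_realms(SAMPLE_REALMS, "203.0.113.10"):
        print(row)
```

Under `external`, `kcadm.sh` talking to `http://localhost:8080` inside the container is accepted while a browser reaching the droplet's public address over HTTP is refused, which matches the behaviour described in the question and answers.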