Keycloak Docker HTTPS required

Submitted by 痴心易碎 on 2019-12-04 18:37:10

Question


I have initialized https://hub.docker.com/r/jboss/keycloak/ on my Digital Ocean Docker Droplet.

$ docker run -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD={password with upcase etc.} -p 8080:8080 jboss/keycloak

success

Everything worked well and the server started on the Droplet's IP address on port :8080.

Problems started when I entered the admin console from the UI in the URL. There was a message: "HTTPS required". This was a real issue, and the only solution I have found is to log in to Keycloak from the console and change the setting of HTTPS=required from the admin console without the UI.

I then opened bash for my Docker container:

$docker exec -it keycloak bash

success

As I entered my command to login in the keycloak/bin folder:

cd keycloak/bin

keycloak/bin $./kcadm.sh config credentials --server http://<droplet IP>:8080/auth --realm master --user admin --password {password with upcase etc.}

the bash freezes and gives a timeout message after some time

The reason for logging in from bash would be to complete this:

keycloak/bin $ ./kcadm.sh update realms/master -s sslRequired=NONE

which would hopefully solve the original problem of HTTPS required.


Answer 1:


Publish port 8443 (HTTPS) and use it instead of 8080 (HTTP):

docker run \
  --name keycloak \
  -e KEYCLOAK_USER=myadmin \
  -e KEYCLOAK_PASSWORD=mypassword \
  -p 8443:8443 \
  jboss/keycloak

Keycloak generates a self-signed cert for HTTPS in this setup. Of course, this is not a production setup.




Answer 2:


This was a solution that also granted access to the admin console with no security when using https://hub.docker.com/r/jboss/keycloak/ as a starting point and DigitalOcean as service provider:

Start container:

$ docker run {containerName}

Open bash for container:

$ docker exec -it {containerName} bash

Move to:

$ cd keycloak/bin

Create a new admin user with:

$ ./add-user-keycloak.sh --server http://{IP}:8080/admin \
    --realm master --user admin --password newpassword

(not add-user.sh as suggested in many places)

Restart the droplet in DigitalOcean etc. to activate the admin user created prior to the shutdown. After restarting the droplet, log in with:

$ ./kcadm.sh config credentials --server http://localhost:8080/auth \
    --realm master --user admin

Changing ssl settings on the realm:

$ ./kcadm.sh update realms/master -s sslRequired=NONE

This solution does not create any security but allows you to access the Admin console.

After this it is suggested to start working on this: https://www.keycloak.org/docs/latest/server_installation/index.html#setting-up-https-ssl




Answer 3:


The following sequence of commands worked for me:

On the host VM:

docker run --name key -d -p 8080:8080 -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD=admin jboss/keycloak
docker exec -it key bash

Inside the container:

cd keycloak/bin/
./kcadm.sh config credentials --server http://localhost:8080/auth --realm master --user admin 
Logging into http://localhost:8080/auth as user admin of realm master
Enter password: admin
./kcadm.sh update realms/master -s sslRequired=NONE



Answer 4:


I also experienced bash freezing when trying to config credentials.

Adding the --password argument to the config credentials command resulted in a successful execution:

./kcadm.sh config credentials --server http://localhost:8080/auth --realm master --user admin --password {YOUR_PASSWORD_HERE}

Execute ./kcadm.sh config credentials for examples of secure/alternate ways to pass the argument.
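
Added example, not part of the original question or answers: a Python model of how the realm's sslRequired setting decides whether plain HTTP is accepted, plus an audit over realm data that flags realms left at NONE after the workaround above. It assumes Keycloak's documented behaviour for the default "external" value (loopback and private addresses may use HTTP); the function names, the address list and the sample JSON are constructed for illustration.

```python
import ipaddress
import json

# Ranges treated as exempt under sslRequired=external (assumption: mirrors the
# private/loopback ranges named in Keycloak's documentation, not its source code).
PRIVATE_NETS = [ipaddress.ip_network(n) for n in
                ("127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12",
                 "192.168.0.0/16", "::1/128")]


def https_required(ssl_required, client_ip):
    """True if a realm with this sslRequired value rejects plain HTTP from client_ip."""
    policy = ssl_required.lower()
    if policy == "all":
        return True
    if policy == "none":
        return False
    if policy == "external":
        addr = ipaddress.ip_address(client_ip)
        return not any(addr in net for net in PRIVATE_NETS)
    raise ValueError(f"unknown sslRequired value: {ssl_required!r}")


def audit_realms(realms_json, probe_ip):
    """List (realm, policy) pairs that would accept cleartext HTTP from probe_ip."""
    findings = []
    for realm in json.loads(realms_json):
        policy = realm.get("sslRequired", "external")  # default for a new realm
        if not https_required(policy, probe_ip):
            findings.append((realm["realm"], policy))
    return findings


# Constructed sample, shaped like `kcadm.sh get realms --fields realm,sslRequired`.
SAMPLE = """[
  {"realm": "master", "sslRequired": "NONE"},
  {"realm": "apps", "sslRequired": "external"},
  {"realm": "internal", "sslRequired": "all"}
]"""

if __name__ == "__main__":
    # 203.0.113.10 is a documentation address standing in for a remote browser.
    for name, policy in audit_realms(SAMPLE, "203.0.113.10"):
        print(f"realm {name}: sslRequired={policy} accepts plain HTTP from public clients")
```

This is why kcadm.sh against http://localhost:8080 works inside the container while a browser on a public address sees "HTTPS required"; once HTTPS is in place, the same update command with sslRequired=external restores the default.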



Source: https://stackoverflow.com/questions/49859066/keycloak-docker-https-required
