Menu
The deployment is on AWS and I do not want to tunnel to the box and open a browser to disable it.
There seems to exist a configuration: "ssl-required":"none" that can be placed in the keycloak-server.json file, but I'm not sure under which object. I've tried under "realm" and by itself with no luck.
I do not want to disable it at the adapter level, it needs to be globally, so where does the "ssl-required":"none" go, or how can ssh/https be disabled globally?
(Also, I understand this is not recommended in production.)
549
Setting —proxy=edge opens the HTTP port on Keycloak and there is no encryption needed between your reverse proxy and the Keycloak instances. But your reverse proxy needs to handle all the https/tls termination from the users browser requests, then, no https redirect is being sent.
Keycloak does not require SSL. This should really only be used in development when you are playing around with things and don't want to bother configuring SSL on your server. all requests.
In the "master" realm, over login tab. Change 'Require SSL' property to none.
If you can not access locally to keycloak and it is configured with a database for instance Postgres, then execute the following SQL sentence.
update REALM set ssl_required = 'NONE' where id = 'master';
It is necessary to restart keycloak
58
I was run de Keycloak admin command to apply sslRequired=NONE.
$ docker exec -it CONTAINER-ID bash
$ cd /opt/jboss/keycloak/bin/
-- Run authenticate
$ ./kcadm.sh config credentials --server http://localhost:8080/auth --realm master --user admin
-- Apply sslRequired to none
$ ./kcadm.sh update realms/master -s sslRequired=NONE
If you don't know user and/ou password I recomend run:
$ ./add-user-keycloak.sh --server http://localhost:8080/admin --realm master --user admin --password YOUR-PASSWORD
Im my case, I'm using Keycloak Server with Spring Boot. I can change sslRequired from Master Realm by code, extending the KeycloakApplication:
public class EmbeddedKeycloakApplication extends KeycloakApplication {
...
public EmbeddedKeycloakApplication() {
super();
changeMasterRealm();
...
}
private void changeMasterRealm() {
KeycloakSession session = getSessionFactory().create();
try {
session.getTransactionManager().begin();
RealmManager manager = new RealmManager(session);
manager.getRealm("master").setSslRequired(SslRequired.NONE);
session.getTransactionManager().commit();
} catch (Exception ex) {
session.getTransactionManager().rollback();
}
...
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
