Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

keycloak apache server configuration with 'Mixed Content' problems

Tags:

reverse-proxy

apache

httpd.conf

mod-proxy

keycloak

have a problems configuring keycloak behind my apache server,

Mixed Content: The page at 'https://dev.mydomain.com/auth/admin/master/console/' was loaded over HTTPS, but requested an insecure script 'http://dev.mydomain.com/auth/resources/1.7.0.final/admin/keycloak/js/controllers/groups.js'. This request has been blocked; the content must be served over HTTPS.

My apache configuration is,

ServerName dev.mydomain.com 
ServerAdmin [email protected]



SSLEngine on
SSLCertificateFile /opt/mydomain/domains/dev.mydomain.com/apache/dev.mydomain.com.crt 
SSLCertificateKeyFile /opt/mydomain/domains/dev.mydomain.com/apache/dev.mydomain.com.key 
SSLCertificateChainFile /opt/mydomain/domains/dev.mydomain.com/apache/dev.mydomain.com.ca-bundle


DocumentRoot /opt/mydomain/domains/dev.mydomain.com/apache/htdocs

<Directory /opt/mydomain/domains/dev.mydomain.com/apache/htdocs>
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
    Require all granted
</Directory>

ProxyRequests Off

ProxyPreserveHost On
RequestHeader set X-Forwarded-Proto "https"
RequestHeader set X-Forwarded-Port "443"

<Proxy  https://dev.mydomain.com/*  >
   Order deny,allow
   Deny from all
   Allow from all
 </Proxy>



ProxyPass /auth http://localhost:10082/auth nocanon
ProxyPassReverse /auth http://localhost:10082/auth

Any idea what's wrong?

like image 996
fphilip Avatar asked Feb 03 '16 05:02

fphilip

1 Answers

You'll also need to update Wildfly configuration as outlined in Enable SSL on a Reverse Proxy -> Configure WildFly

If you look for a Wildfly CLI configuration, have a look here: 

$ jboss-cli.sh -standalone --file=batch.cli

# batch.cli
embed-server --std-out=echo
batch
/subsystem=undertow/server=default-server/http-listener=default:write-attribute(name=proxy-address-forwarding,value=true)
/subsystem=undertow/server=default-server/http-listener=default:write-attribute(name=redirect-socket,value=proxy-https)
/socket-binding-group=standard-sockets/socket-binding=proxy-https:add(port=443)
run-batch
stop-embedded-server
like image 121
ahus1 Avatar answered Nov 12 '22 19:11

ahus1
Sign in to Comment

Related questions

HTTP Connection pooling in Apache CXF
Why does all non matching traffic go to the first VirtualHost rather than the default site config in httpd.conf
Android Cannot access org.apache.http.client.HttpClient
Deploying a war file to Tomcat on a VPS
ContentType doesn't declare an explicit app_label
301 redirect non-www to www
How to measure the memory usage per active Apache Connection?
Disable Login Prompts in mod_auth_sspi_1.0.4-2.2.2
.htaccess prompt for password
Attempting to use symbolic link for var/www/html
How to remove port number from http://localhost:8123 to use as http://localhost? [closed]
htaccess - Deny requests from unauthorized domains
java skips catch clause jumping straight to finally in apache pdfbox
How can I mount an S3 volume with proper permissions using FUSE
How to hide the URL change when using apache rewrite?
Apache htaccess: Block direct access to index.html in a folder
.htaccess Password protection keeps asking for password over and over
.htaccess rewrite rule remove everything after RK=0/RS=
Android WebSocket Services making multiple connections
http_parse_headers with PECL_HTTP

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!