问题描述
我已经初始化了https://hub.docker.com/r/jboss/keycloak/ 在我的 Digital Ocean Docker Droplet 上.
I have initialized https://hub.docker.com/r/jboss/keycloak/ on my Digital Ocean Docker Droplet.
$docker run -e KEYCLOAK_USER=admin -e -p 8080:8080 KEYCLOAK_PASSWORD={password with upcase etc.} jboss/keycloak
成功
一切正常,服务器在端口 :8080 上的 Droplets IP 地址中启动.
Everything worked well and the server started in the Droplets IP address on a port :8080.
当我从 URL 中的 UI 进入管理控制台时,问题就开始了.有一条消息:需要 HTTPS".这是一个真正的问题,我找到的唯一解决方案是从控制台登录 Keycloak,并在没有 UI 的情况下从管理控制台更改 HTTPS=required 的设置.
Problems started when I entered the admin console from the UI in the URL. There was a message: "HTTPS required". This was a real issue and the only solution I have found is to login to the Keycloak from the console and to change the setting of HTTPS=required from admin console without the UI.
然后我为我的 Docker 容器打开了 bash :
I then opened the bash for my Docker container :
$docker exec -it keycloak bash
成功
当我输入登录 keycloak/bin 文件夹的命令时:
As I entered my command to login in the keycloak/bin folder:
cd keycloak/bin
keycloak/bin $./kcadm.sh 配置凭证 --server http://:8080/auth --realm master --user admin --password {password with upcase etc.}
bash 冻结并在一段时间后给出超时消息
从 bash 登录的原因如下:
Reason for logging in from bash would be complete this:
keycloak/bin $ ./kcadm.sh 更新领域/master -s sslRequired=NONE
.
这有望解决原来需要 HTTPS 的问题.
which would hopefully solve the original problem of HTTPS required.
推荐答案
发布端口 8443 (HTTPS) 并使用它代替 8080 (HTTP):
Publish port 8443 (HTTPS) and use it instead of 8080 (HTTP):
docker run
--name keycloak
-e KEYCLOAK_USER=myadmin
-e KEYCLOAK_PASSWORD=mypassword
-p 8443:8443
jboss/keycloak
Keycloak 在此设置中为 https 生成自签名证书.当然,这不是生产设置.
Keycloak generates self signed cert for https in this setup. Of course, this is not a production setup.
更新
将卷用于自己的 TLS 证书:
Use volumes for own TLS certificate:
-v /<path>/tls.crt:/etc/x509/https/tls.crt
-v /<path>/tls.key:/etc/x509/https/tls.key
这篇关于需要 Keycloak Docker HTTPS的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!