Hi,
I am trying to authenticate users by using mTLS x509 Authentication. The end goal is to go to my UI which then redirects to the Keycloak login screen (with they keycloak-js adapter). On the login screen, I want to present two options: 1) login with username/password or 2) login via cert.
Right now it is set up to work with username/password fine, the part that has been difficult is setting up x509 Authentication. The main issue is that as soon as I redirect to the Keycloak login page, it automatically looks for the certificate whereas I only want it to search for the cert if the ‘login via cert’ button is pressed. Is there a way to do this?
A little about my system. I am using Traefik as a reverse proxy, so Keycloak is sitting behind Traefik (which I think makes things a little more difficult). All of my services are deployed in a Kubernetes cluster. The UI is built with React and it’s using the Keycloak-js adapter to integrate with Keycloak.
I am not very familiar with certification/networking so I apologize if the vocabulary isn’t quite right.