Is it possible to disable TLS when using SSL termination in reverse proxy?

mah · March 9, 2022, 10:43am

Hey,

I have a Keycloak 17 (Quarkus) behind reverse proxy. Reverse proxy handles SSL termination. That is I forward requests from reverse proxy to port 8080. It works fine with “start-dev” mode.

As far as I understand from the documentation this is perfectly “acceptable” scenario. But why am I “forced” to configure TLS, even if I am not using it (when using “start” mode):

2022-03-09 10:25:18,092 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) ERROR: Failed to start server in (production) mode
2022-03-09 10:25:18,092 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) ERROR: Key material not provided to setup HTTPS. Please configure your keys/certificates or start the server in development mode.

mah · March 9, 2022, 10:54am

Ok, apparently as was using passthrough instead of edge in proxy configuration. It works fine now!

Naidu1708 · June 6, 2022, 5:54am

@mah facing the same issue when deployed keycloak under waf and nginx reverse proxy… can you please let me know what are the configurations you have used to run it?

Topic		Replies	Views
KC 17 Quarkus: how to disable https for /admin endpoints Securing applications admin-console	5	9280	March 14, 2022
Run keycloak in Production without TLS configuration Configuring the server	9	1610	November 28, 2023
Mixed Content behind TLS terminating load balancer Configuring the server	0	548	May 22, 2020
KeyCloak 18.0 Quarkus behind F5 Configuring the server	8	1556	May 28, 2022
Enabling SSL to secure the HTTP traffic of the Keycloak Server with existing certificate (avoid self-signed certificate) Getting advice	15	7961	May 17, 2021

Is it possible to disable TLS when using SSL termination in reverse proxy?

Related Topics