I am configuring Keycloak in Docker with an Apache reverse proxy, but I’m having issues with the /admin console.
ProxyPreserveHost On
RequestHeader set X-Forwarded-Proto "https"
# Proxy for Keycloak authentication
ProxyPass "/auth" "https://10.0.0.0:7443"
ProxyPassReverse "/auth" "https://10.0.0.0:7443"
# Proxy for Keycloak administration
ProxyPass "/admin" "https://10.0.0.0:7443"
ProxyPassReverse "/admin" "https://10.0.0.0:7443"
# Proxy for Keycloak realms
ProxyPass "/realms" "https://10.0.0.0:7443/realms"
ProxyPassReverse "/realms" "https://10.0.0.0:7443/realms"
My compose:
version: '3'
services:
keycloak:
image: keycloak/keycloak:25.0.6
environment:
KC_HOSTNAME_PORT: 7443
KC_DB: mysql
KC_DB_URL: jdbc:mysql://URLDATABASE:3306/keycloakdb?createDatabaseIfNotExist=true&characterEncoding=UTF-8&rewriteBatchedStatements=true&enabledTLSProtocols=TLSv1,TLSv1.1,TLSv1.2
KC_DB_USERNAME: username
KC_HOSTNAME_STRICT_BACKCHANNEL: false
KC_DB_PASSWORD: passwordfromusername
KEYCLOAK_ADMIN: admin
KEYCLOAK_ADMIN_PASSWORD: admin@2024
KC_HEALTH_ENABLED: "true"
KC_LOG_LEVEL: info
volumes:
- ./keycloak.keystore:/keycloak.keystore
healthcheck:
test: [ "CMD", "curl", "-f", "http://localhost:7080/health/ready" ]
interval: 15s
timeout: 2s
retries: 15
command:
- start
- --http-port=7080
- --https-port=7443
- --hostname=https://url.url.com/auth
- --hostname-admin=https://url.url.com/admin
- --https-key-store-file=/keycloak.keystore
- --hostname-backchannel-dynamic=true
- --https-key-store-password=Keystorepassword
- --proxy=edge
- --hostname-debug=true
ports:
- 7080:7080
- 7443:7443
The url is getting redirected to ‘https://url.url.com/admin/admin/master/console/’ instead of ‘https://url.url.com/admin/master/console’
Any tips? Thanks!