Hi everyone,
I hope you can help me.
I have the following setup:
Keycloak Standalone Server (no cluster, no docker) behind a HA Proxy. The HA Proxy forwards all requests from https://keycloak.mydomain.de
to my Keycloak Server http://servername.mydomain.de:8082
.
I set up keycloak according to this guide: (https://medium.com/@hasnat.saeed/setup-keycloak-server-on-ubuntu-18-04-ed8c7c79a2d9
). However, with the latest version of Keycloak (16.1.0). But now I’m stuck at the point where you should be able to call up Keycloak in the browser for the first time. I keep getting the message 503.
I changed the http port to 8082 in the standalone.xml and also changed the jboss.bind.adress to 0.0.0.0. However, I cannot reach the web server at https://keycloak.mydomain.de/auth
.
With curl -L http://127.0.0.1:8082/auth
I get the website. So there must be a problem with the remote access somehow, I think.
My HAProxy backend configuration:
backend keycloak.mydomain.de
option httpchk
http check expect rstatus (....)
compression algo gzip
compression type text/html text/plain text/css text/javascript application/javascript
server servername IPFromServer:8082 check inter 5s rise 1 fail 5
I read the proxy documentation: https://www.keycloak.org/docs/latest/server_installation/#_setting-up-a-load-balancer-or-proxy
.
However, I think that the values X-Forwarded-For and X-Forwarded-Proto are not mandatory to call up the Welcome Page. Or am I wrong?
Or did I make a mistake somewhere else?
Thank you very much