Keycloak authentication only works when clearing browser's cache

Hello,
I have been stuck on this issue for days. We have Keycloak (v11.0.2) deployed and working with 2-way SSL on one of our networks. It is behind an nginx server and works perfectly fine. The other network that is also trying to reach the same application secured by Keycloak only works when I clear the browser’s cache (happening on both Chrome v88 and Firefox v78).
The problematic browsers’ versions are slightly older than the working ones, but not by much, so I don’t think it’s a version issue. I’ve played around with a bunch of the browsers’ settings without any luck, especially disabling any cookie security checks and such. We are using the JavaScript plugin hosted on the Keycloak server and the checkLoginIframe is set to false.
It doesn’t seem like it would be an issue with our infrastructure since it is working well for one of the networks. The only difference is that the problematic one is using different client certificates, but those client certificates work for other well-known applications, so that shouldn’t be the issue. Those certificates have been working for other things for a while.
It almost seems like the problematic browsers are caching something like the certificates or connection or Keycloak parameters like AUTH_SESSION_ID, etc., and using those, and Keycloak is not liking it, even though we have no cache issues with other applications.
Any help or advice on what we could try next would be greatly appreciated! Thanks.

Did you find what’s going on? I’m having very similar problems.