Keycloak Https Redirection Issue

Xandar · November 24, 2021, 9:24am

I have a Javascript app which is integrated with Keycloak. I uploaded the keycloak to the web server using nginx. Now when I use https to access my app it shows me a screen after login by saying i.e. The information you want to send is not secure This form is sent over a connection that is not completely secure. As a result, your information may be visible to others.

and then after clicking on Proceed I am directed to the homepage.

Here is my javascript code:


<script src="https://weblink.com/auth/js/keycloak.js"></script>

    <script>
        var keycloak;
    
        function initKeycloak() {
            keycloak = Keycloak({
                realm: 'realmName',
                url: 'https://weblink.com/auth/',
                sslRequired: 'external',
                clientId: 'clientName',
                publicClient: 'public',
                confidentialPort: 0,
            });
            keycloak.init({onLoad: 'login-required'}).then(function (authenticated) {
                console.log("Authenticated");
            }).catch(function () {
                alert('failed to initialize');
            });
        }

I don’t know what’s the problem here.

bpedersen2 · November 24, 2021, 9:54am

Are you using a self-signed certificate on that domain?

Xandar · November 24, 2021, 10:03am

Yes the domain is using Self Signed Certificate

bpedersen2 · November 24, 2021, 10:45am

Then this warning is expected until you add an exception in the browser…

Xandar · November 24, 2021, 12:46pm

How will I add the exception?
Isn’t there any other way to stop this exception?

bpedersen2 · November 24, 2021, 12:59pm

That depends on the browser, normally there is a an ‘advanced option’ link somewhere. If not check the browser docs.

For a production system you should always use official certifcates, never self-signed ones.

ayoub96anbara · November 26, 2021, 1:31pm

I have run keycloak with HTTPS, this steps can help you:
1- I setup HTTPS using certificate https://certbot.eff.org/
2- I use keycloak image docker:

docker run -d --name keycloak_15.0.2  -e KEYCLOAK_USER=kc-admin \
-e KEYCLOAK_PASSWORD=1234Pass  \
-e PROXY_ADDRESS_FORWARDING=true -p 9090:8080 jboss/keycloak:15.0.2

3-My nginx configuration:

location /auth/ {
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Server $host;
        proxy_set_header X-Forwarded-Port $server_port;
        proxy_set_header X-Forwarded-Proto $scheme;
       proxy_pass http://127.0.0.1:9090;
       proxy_buffer_size   128k;
       proxy_buffers   4 256k;
       proxy_busy_buffers_size   256k;
       client_max_body_size 16m;
    }

Topic		Replies	Views
Keycloak Admin Console + NGINX Getting advice admin-console	2	2263	December 4, 2019
Securing API with issues on a deployed instance Configuring the server authentication	0	325	December 18, 2020
Enabling SSL to secure the HTTP traffic of the Keycloak Server with existing certificate (avoid self-signed certificate) Getting advice	15	7969	May 17, 2021
Failed to execute 'postmessage' on 'domwindow': The target origin provided ('http://abc.com') does not match the recipient window's origin ('https://abc.com). Suspecting this to be because of Iframe Getting advice admin-console , authentication , oidc	1	1594	April 18, 2023
Just can't get the Javascript Adapter to work Securing applications	0	705	November 14, 2022

Keycloak Https Redirection Issue

Related Topics