Hi
I have just installed keycloak. Now i want to configure it with NC as a SSO. I am using openid Connect backend to connect it
SSL configuration
In conf folder of keycloak generated keystore as
keytool -genkeypair -alias sso.mydomain.cloud -keyalg RSA -keysize 2048 -validity 1825 -keystore server.keystore -dname “cn=sso.mydomain.cloud,o=Acme,c=GB” -keypass password -storepass password
in keycloak.conf, described only following lines
proxy=edge
http-enabled=true
http-port=8180
hostname=sso.mydomain.cloud
Then configure reverse proxy in apache with following config
VirtualHost *:80>
ServerName sso.mydomain.cloud
AllowEncodedSlashes NoDecode
ProxyPreserveHost On
RequestHeader set X-Forwarded-Proto “https”
RequestHeader set X-Forwarded-Port “443”
SSLProxyEngine on
ProxyPassReverse / https://127.0.0.1:8443/
ProxyPass / https://127.0.0.1:8443/
</VirtualHost
Then run certbot command to generate ssl certificate for my sso domain.
Then start keycloak as
./kc.sh start --https-key-store-password=password
This is my configuration at NC
When i click on SSO login i get this error on NC:
Could not the reach OpenID Connect provider
Could not reach provider at URLhttps://sso.mydomain.com/realms/SSO/protocol/openid-connect/auth
Error at keycloak
dolphinslairapps kc.sh[829823]: 2022-08-24 15:46:24,366 WARN [org.keycloak.events] (executor-thread-9) type=LOGIN_ERROR, realmId=62ac84de-b7f3-4823-a24e-bc5d4a1e9c5b, clientId=null, userId=null, ipAddress=IP, error=invalid_request