I need to configure an identity provider (OIDC type). The token endpoint needs to be called with mTLS.
I have access to two versions of Keycloak (v9 and v15), both of them running inside K8s.
As of now, I have tried many things:
- redhat-sso-7-openshift-image/sso74-x509-postgresql-persistent.adoc at sso74-dev · jboss-container-images/redhat-sso-7-openshift-image · GitHub
- cacerts extraction from image, add my certificate, rebuild the docker image
- GitHub - slaskawi/keycloak-mutual-tls-demo: Mutual TLS for Clients demo
- and so on…
Each try does the same: handshake_failure. I received the certificate from the IDP server and Keycloak just responds with (ssl:handshake debug):
Produced client Certificate handshake message ( "Certificates": <empty list> )
What do I need to configure to make Keycloak respond with my client certificate to validate the handshake?
Thank you all for helping me.