I am using v21 of Keycloak. I set up the server to do mTLS but, I am unable to reach the server when I do not provide a client certificate. Per the Keycloak documentation: “By setting the value to request , Keycloak will also accept requests without a certificate and only validate the correctness of a certificate if it exists.”
I have set KC_HTTPS_CLIENT_AUTH to be “request” but, the browser fails to establish a secure connection when I do not provide a client certificate which directly contradicts the documentation. I want to be able to access Keycloak with or without a certificate.
Keycloak is being deployed in a Kubernetes cluster behind a reverse proxy. The proxy is configured to passthrough all TLS traffic to the backend.
Does anyone have any ideas?