Springboot Adapter Invalid URLS error with AWS Application Load Balancer

Hi, I am having a problem with SSL termination for the Spring Boot adapter and Keycloak. I am using Keycloak 15.1.1.

Before implementing SSL, everything works fine with HTTP. The headache comes when I implemented SSL.

I get an Invalid URLS error when trying to load using HTTPS. I am able to load the front-end web pages, but the API calls are not working.

AWS DETAILS

I am using an AWS Application Load Balancer with an ACM certificate to allow HTTPS requests over HTTP. My Application Load Balancer has an https:443 listener that forwards all HTTPS requests (port 443) to HTTP. This HTTPS listener has the rule:

  • if path is app/api* forward to target group http:8081

The Load Balancer DNS name and the ACM certificate are already registered at Route 53 Hosted Zones:

  • Record Type A
  • RecordName : myapp.com
  • Routing: Simple
  • Alias: Yes
  • Value/Traffic routed to: myapp-alb-xxxxxxxxx…amazonaws.com (this is the app load balancer DNS name)
  • The ACM Certificate is created using my website’s domain name (myapp.com)

AWS CLOUD VM

Inside my AWS EC2 Cloud VM, I have Angular, Spring boot, and Keycloak running

  • Spring Boot server is running on port 8081
  • Keycloak server is running on port 8080

In my angular API configuration, I have set all API endpoints to use https://myapp.com/app/api :

  apiConfig: {
    api1tEndpoint: 'https://myapp.com/app/api/api1',
    api2Endpoint: 'https://myapp.com/app/api/api2',
  },

At the Spring Boot backend, the Keycloak configuration is set in application.properties:

server.port=8081

# KEYCLOAK Configuration
keycloak.enabled=true
keycloak.realm=MyAppRealm
keycloak.auth-server-url=https://mayapp.com/auth
keycloak.ssl-required=none

In the KeyCloak standalone.xml, I have set the following based on this article I read here :

<subsystem xmlns="urn:jboss:domain:undertow:12.0">
    <http-listener name="default" socket-binding="http"
        proxy-address-forwarding="true" redirect-socket="proxy-https"/>
</subsystem>
:
:
<socket-binding-group name="standard-sockets" default-interface="public"
    port-offset="${jboss.socket.binding.port-offset:0}">
    ...
    <socket-binding name="proxy-https" port="443"/>
    ...
</socket-binding-group>

QUESTIONS:

  1. Is there any configuration I missed in my Spring Boot app or in Angular?
  2. For Keycloak, did I do the correct configuration? Or do I need to configure somewhere else besides standalone.xml?
  3. Or is my configuration at the AWS load balancer done correctly?
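
An added example, not part of the original post: a Python check of which origin a backend behind the TLS-terminating load balancer rebuilds with and without honouring forwarded headers (the behaviour `proxy-address-forwarding="true"` switches on), compared against the URLs configured in the post. The header values are constructed, the function names are hypothetical, and it assumes the load balancer passes `Host` through and sets `X-Forwarded-Proto` and `X-Forwarded-Port`.

```python
from urllib.parse import urlsplit

# Constructed sample: headers as a backend would see them behind a load
# balancer that terminates TLS on 443 and forwards plain HTTP (assumption).
SAMPLE_HEADERS = {"Host": "myapp.com", "X-Forwarded-Proto": "https",
                  "X-Forwarded-Port": "443"}

# Values copied from the post as written.
AUTH_SERVER_URL = "https://mayapp.com/auth"
API_ENDPOINTS = ["https://myapp.com/app/api/api1",
                 "https://myapp.com/app/api/api2"]
DEFAULT_PORTS = {"http": 80, "https": 443}


def origin(url):
    """Return scheme://host[:port] of a URL."""
    parts = urlsplit(url)
    return f"{parts.scheme}://{parts.netloc}"


def external_origin(headers, local_port, honour_forwarded):
    """Rebuild the origin the server believes the client used."""
    hostname = headers.get("Host", "localhost").split(":")[0]
    scheme, port = "http", local_port
    if honour_forwarded:
        scheme = headers.get("X-Forwarded-Proto", scheme)
        port = int(headers.get("X-Forwarded-Port", port))
    if port == DEFAULT_PORTS.get(scheme):
        return f"{scheme}://{hostname}"
    return f"{scheme}://{hostname}:{port}"


def mismatches(auth_server_url, api_endpoints, headers, keycloak_port=8080):
    """List origins that disagree with the adapter's auth-server-url."""
    expected = origin(auth_server_url)
    candidates = {
        "keycloak, forwarded headers honoured": external_origin(headers, keycloak_port, True),
        "keycloak, forwarded headers ignored": external_origin(headers, keycloak_port, False),
    }
    for endpoint in api_endpoints:
        candidates[f"api endpoint {endpoint}"] = origin(endpoint)
    return {name: value for name, value in candidates.items() if value != expected}


if __name__ == "__main__":
    for name, value in mismatches(AUTH_SERVER_URL, API_ENDPOINTS, SAMPLE_HEADERS).items():
        print(f"{name}: {value} != {origin(AUTH_SERVER_URL)}")
```

With the values as posted, every origin is reported as differing from `keycloak.auth-server-url`, because that property spells the host `mayapp.com`. The post does not say whether the deployed file has the same spelling.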