Why CloudFront didn't forward https protocol to KeyCloak

williamye · January 17, 2021, 5:10pm

I deploy the KeyCloak to AWS ECS Fargate, before that is ALB and CloudFront. I find that the CloudFront has forwarded domain name to KeyCloak but not https protocol. So the KeyCloak return http to viewer, then it will be failed to jump to admin console. Is there anyone who can help on this?

jangaraj · January 17, 2021, 7:37pm

Problem description is vague. But let me try: you are using official Keycloak image and you didn’t configure PROXY_ADDRESS_FORWARDING env variable

williamye · January 18, 2021, 12:56am

Jangaraj, thank you. I have already set the PROXY_ADDRESS_FORWARDING=true in the ECS task definition’s environment variables, see the picutre.

williamye · January 18, 2021, 12:57am

And also set the X-FORWARD-“XXXX” in CloudFront behavior’s whitelist headers. Is there anything I missing, seems the KeyCloak return http but not https.

Topic		Replies	Views
Cloudfront, reverse proxy question Configuring the server	1	1547	December 13, 2022
AWS + ECS + ALB + HTTPS but Securing applications	4	3396	January 4, 2021
AWS ALB HTTPS not working Configuring the server	3	2468	November 1, 2020
Whoami request from admin console returns 401 when using Amazon Cloudfront	5	2308	June 22, 2022
Problems with Keycloak in Kubernetes behind a Network Load Balancer in AWS	5	4182	May 17, 2022

Why CloudFront didn't forward https protocol to KeyCloak

Related topics