堆栈内存溢出
  简体   繁体   English

apache https代理后面的keycloak“ https required”

[英]Keycloak behind apache https proxy “https required”

 原文  2019-07-08 21:22:57       apache/ docker/ https/ webserver/ keycloak

问题描述

i just set up a keycloak docker container as follows: 我只是按如下方式设置了一个keycloak docker容器: 

docker run --name keycloak --net keycloak-network -e DB_ADDR=mysql -e DB_DATABASE=keycloak -e DB_USER=keycloak -e DB_PASSWORD=mypassword -d -p 8088:8080 -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD=mypassword -e KEYCLOAK_HOSTNAME="keycloak.example.net" -e PROXY_ADDRESS_FORWARDING=true -e KEYCLOAK_HTTPS_PORT=443 jboss/keycloak

On my server, i have an apache2 webserver running, with the follwing configuration file for my sites-available "keycloak.example.net": 在我的服务器上,我正在运行一个apache2网络服务器,其中包含以下用于我的网站的配置文件-可用的“ keycloak.example.net”: 

<virtualhost keycloak.example.net:80>
    ServerName keycloak.example.net

    Redirect permanent / https://keycloak.example.net/
</virtualhost>

<virtualhost keycloak.example.net:443>
    ServerName keycloak.example.net

    SSLEngine On

    SSLCertificateFile /etc/letsencrypt/live/keycloak.example.net/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/keycloak.example.net/privkey.pem

    SSLProxyEngine on
    ProxyPreserveHost On

    <location />
        Order allow,deny
        Allow from all
        Require all granted
        ProxyPass http://localhost:8088/
        ProxyPassReverse http://localhost:8088/
    </location>
</virtualhost>

My apache webserver already redirects me (forces https as you can see) correctly to my docker container running on port 8088 on my host machine, on docker-containers internal port 8080. 我的apache网络服务器已经正确地将我重定向到您在主机上端口8088上运行的Docker容器(如您所见,强制使用https),该容器位于docker-containers内部端口8080上。

As soon as i visit https://keycloak.example.net/auth - it tries to redirect me to the corret keycloak-site, but then throws this error: 一旦我访问https://keycloak.example.net/auth-它会尝试将我重定向到corret keycloak-site,但是会引发此错误: 

HTTPS required

What do i have to change to make it work? 我必须进行哪些更改才能使其正常工作?

在此处输入图片说明

1 个解决方案

解决方案1
 0 已采纳  2019-07-22 06:47:29

Solution

So i finally could fix my bug in this way: 所以我终于可以用这种方式修复我的错误:

  1. Edit my keycloak.example.conf in the /etc/apache2/sites-available directory: /etc/apache2/sites-available目录中编辑我的keycloak.example.conf 
...
<virtualhost keycloak.example.net:443>
...
RequestHeader set X-Forwarded-Proto "https"
...
  1. Make sure to enable the headers module in apache: a2enmod headers 确保在apache中启用headers模块: a2enmod headers
  2. Restart my apache server: service apache2 restart 重新启动我的apache服务器: service apache2 restart

Conclusion 结论

So it seems that i just did not configure my apache server to forward the https traffic in the necessary way. 因此,似乎我只是没有配置apache服务器以必要的方式转发https流量。

I hope i can help someone with this solution and save you some time with that. 希望我能为某人提供此解决方案,并为您节省一些时间。 Big thanks to @Boomer , who has posted the necessary link and to @Mario , who supported this lonely question and showed me his solutions. 非常感谢@Boomer,他发布了必要的链接,也感谢@Mario,他支持这个孤独的问题并向我展示了他的解决方案。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 将HTTP服务器放在Apache https代理后面 - Serve http server behind an Apache https Proxy Apache HTTPS代理重定向背后的Jira - Jira behind Apache https proxy redirect 它是否需要在我的https apache代理服务器后面的Kestrel中使用https? - Does it require https in Kestrel behind my https apache proxy server? Apache代理-HTTP到HTTPS - Apache proxy - HTTP to HTTPS http nginx dockers behind https virtualhost apache proxy using letsencrypt redirect https to http - http nginx dockers behind https virtualhost apache proxy using letsencrypt redirect https to http Apache反向代理https到http - Apache Reverse Proxy https to http Apache HTTPS 反向代理到 HTTP - Apache HTTPS reverse proxy to HTTP Apache 反向代理 HTTPS 到 HTTP - Apache reverse proxy for HTTPS to HTTP 在Apache HttpClient上使用HTTPS代理 - Use HTTPS proxy on Apache HttpClient Apache反向代理到https服务器 - Apache reverse proxy to https server
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM