B.nana Technology Log in
Version eae63b0 committed by Binokkio.

Keycloak behind reverse proxy

To have the Keycloak login form use https I needed to add proxy-address-forwarding="true" to the undertow http-listener. The reverse proxy also has to be configured to send the X-Forwarded-For and X-Forwarded-Proto headers.

<http-listener name="default" socket-binding="http" redirect-socket="https" enable-http2="true" proxy-address-forwarding="true"/>

See Setting Up a Load Balancer or Proxy for details.