8

在我的 apache 服务器后面配置 keycloak 时遇到问题,

混合内容:“ https://dev.mydomain.com/auth/admin/master/console/ ”页面通过 HTTPS 加载,但请求了不安全的脚本“ http://dev.mydomain.com/auth/resources ” /1.7.0.final/admin/keycloak/js/controllers/groups.js '。此请求已被阻止;内容必须通过 HTTPS 提供。

我的apache配置是,

ServerName dev.mydomain.com 
ServerAdmin dev@mydomain.com



SSLEngine on
SSLCertificateFile /opt/mydomain/domains/dev.mydomain.com/apache/dev.mydomain.com.crt 
SSLCertificateKeyFile /opt/mydomain/domains/dev.mydomain.com/apache/dev.mydomain.com.key 
SSLCertificateChainFile /opt/mydomain/domains/dev.mydomain.com/apache/dev.mydomain.com.ca-bundle


DocumentRoot /opt/mydomain/domains/dev.mydomain.com/apache/htdocs

<Directory /opt/mydomain/domains/dev.mydomain.com/apache/htdocs>
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
    Require all granted
</Directory>

ProxyRequests Off

ProxyPreserveHost On
RequestHeader set X-Forwarded-Proto "https"
RequestHeader set X-Forwarded-Port "443"

<Proxy  https://dev.mydomain.com/*  >
   Order deny,allow
   Deny from all
   Allow from all
 </Proxy>



ProxyPass /auth http://localhost:10082/auth nocanon
ProxyPassReverse /auth http://localhost:10082/auth

知道有什么问题吗?

4

1 回答 1

7

您还需要按照在反向代理上启用 SSL -> 配置 WildFly中所述更新 Wildfly 配置

如果您要查找 Wildfly CLI 配置,请查看此处

$ jboss-cli.sh -standalone --file=batch.cli

# batch.cli
embed-server --std-out=echo
batch
/subsystem=undertow/server=default-server/http-listener=default:write-attribute(name=proxy-address-forwarding,value=true)
/subsystem=undertow/server=default-server/http-listener=default:write-attribute(name=redirect-socket,value=proxy-https)
/socket-binding-group=standard-sockets/socket-binding=proxy-https:add(port=443)
run-batch
stop-embedded-server
于 2016-02-06T20:28:15.880 回答