Hi All, this document shows you how to set up a keycloak server in Linux. Keycloak is an open-source software product to allow single sign-on with Identity Management and Access Management aimed at modern applications and services. As of March 2018, this JBoss community project is under the stewardship of Red Hat who uses it as the upstream project for their RH-SSO product.
Prerequisites
* Java 1.8 running on the Linux server. If not installed check this link Setup Java 8 in Linux machine. * Working Nginx server.
Installation
Step 1: Login to the Linux server Step 2: Download Keycloak.
cd /opt/
wget https://downloads.jboss.org/keycloak/7.0.0/keycloak-7.0.0.tar.gz
tar -xvzf keycloak-7.0.0.tar.gz
mv keycloak-7.0.0.tar.gz keycloak
Step 1: Login to Nginx server and update in nginx.conf file.
upstream keycloak {
# Use IP Hash for session persistence
ip_hash;
# List of Keycloak servers
server 127.0.0.1:8080;
}
server {
listen 80;
server_name keycloak.domain.com;
# Redirect all HTTP to HTTPS
location / {
return 301 https://\$server_name\$request_uri;
}
}
server {
listen 443 ssl http2;
server_name keycloak.domain.com;
ssl_certificate /etc/pki/tls/certs/my-cert.cer;
ssl_certificate_key /etc/pki/tls/private/my-key.key;
ssl_session_cache shared:SSL:1m;
ssl_prefer_server_ciphers on;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://keycloak;
}
}
Once it’s completed restart the Nginx server to take immediate effect. Now access the given URL to access the keycloak server and use the credentials which you created in Step 9.
Hi Prabhin, your last block of code seems to be incomplete, can you give the whole nginx configuration?
i have updated @phil
Hello
I’m getting this message: We are sorry…. HTTPS required
Can you help me on this ?
Thanks a lot
[…] https://www.techrunnr.com/how-to-set-up-a-keycloak-server-in-linux/ […]