How to Setup Docker Keycloak Behind Apache2.4 with SSL in AWS?
1. Launch EC2(AMI) and RDS(MySQL) in AWS
2. Create database and access user with name "keycloak"
3. Launch docker Keycloak
# docker run --name keycloak \
-e MYSQL_ADDR=your_aws_rds \
-e MYSQL_PASSWORD=keycloak_user_password \
-e PROXY_ADDRESS_FORWARDING=true \
-e KEYCLOAK_USER=your_keycloak_admin_name \
-e KEYCLOAK_PASSWORD=your_keycloak_admin_password \
-v /opt/jboss/keycloak/themes:/opt/jboss/keycloak/themes \
-p 127.0.0.1:8080:8080 \
-d jboss/keycloak
4. Download Keycloak
# wget https://downloads.jboss.org/keycloak/3.4.3.Final/keycloak-3.4.3.Final.tar.gz
# tar zxvf keycloak-3.4.3.Final.tar.gz
# cp -R keycloak-3.4.3.Final/themes/* /opt/jboss/keycloak/themes
5. Modified ssl.conf
# vim /etc/httpd/conf.d/ssl.conf
...
...
...
<VirtualHost _default_:443>
...
...
...
# General setup for the virtual host, inherited from global configuration
DocumentRoot "/var/www/html"
ServerName your_domain_name
ServerAlias www.your_domain_name
Protocols h2 http/1.1
<LocationMatch "^/(auth)/*">
ProxyPass http://127.0.0.1:8080
ProxyPassReverse http://127.0.0.1:8080
</LocationMatch>
...
...
...
</VirtualHost>
...
...
...
!wq
# service httpd restart
6. Browse https://your_domain_name/auth
Ref
3. Launch docker Keycloak
# docker run --name keycloak \
-e MYSQL_ADDR=your_aws_rds \
-e MYSQL_PASSWORD=keycloak_user_password \
-e PROXY_ADDRESS_FORWARDING=true \
-e KEYCLOAK_USER=your_keycloak_admin_name \
-e KEYCLOAK_PASSWORD=your_keycloak_admin_password \
-v /opt/jboss/keycloak/themes:/opt/jboss/keycloak/themes \
-p 127.0.0.1:8080:8080 \
-d jboss/keycloak
4. Download Keycloak
# wget https://downloads.jboss.org/keycloak/3.4.3.Final/keycloak-3.4.3.Final.tar.gz
# tar zxvf keycloak-3.4.3.Final.tar.gz
# cp -R keycloak-3.4.3.Final/themes/* /opt/jboss/keycloak/themes
5. Modified ssl.conf
# vim /etc/httpd/conf.d/ssl.conf
...
...
...
<VirtualHost _default_:443>
...
...
...
# General setup for the virtual host, inherited from global configuration
DocumentRoot "/var/www/html"
ServerName your_domain_name
ServerAlias www.your_domain_name
Protocols h2 http/1.1
<LocationMatch "^/(auth)/*">
ProxyPass http://127.0.0.1:8080
ProxyPassReverse http://127.0.0.1:8080
</LocationMatch>
...
...
...
</VirtualHost>
...
...
...
!wq
# service httpd restart
6. Browse https://your_domain_name/auth
Ref
# docker run --name keycloak \
-e MYSQL_ADDR=your_aws_rds \
-e MYSQL_PASSWORD=keycloak_user_password \
-e PROXY_ADDRESS_FORWARDING=true \
-e KEYCLOAK_USER=your_keycloak_admin_name \
-e KEYCLOAK_PASSWORD=your_keycloak_admin_password \
-v /opt/jboss/keycloak/themes:/opt/jboss/keycloak/themes \
-p 127.0.0.1:8080:8080 \
-d jboss/keycloak
# wget https://downloads.jboss.org/keycloak/3.4.3.Final/keycloak-3.4.3.Final.tar.gz
# tar zxvf keycloak-3.4.3.Final.tar.gz
# cp -R keycloak-3.4.3.Final/themes/* /opt/jboss/keycloak/themes
5. Modified ssl.conf
# vim /etc/httpd/conf.d/ssl.conf
...
...
...
<VirtualHost _default_:443>
...
...
...
# General setup for the virtual host, inherited from global configuration
DocumentRoot "/var/www/html"
ServerName your_domain_name
ServerAlias www.your_domain_name
Protocols h2 http/1.1
<LocationMatch "^/(auth)/*">
ProxyPass http://127.0.0.1:8080
ProxyPassReverse http://127.0.0.1:8080
</LocationMatch>
...
...
...
</VirtualHost>
...
...
...
!wq
# service httpd restart
6. Browse https://your_domain_name/auth
Ref
# vim /etc/httpd/conf.d/ssl.conf
...
...
...
<VirtualHost _default_:443>
...
...
...
# General setup for the virtual host, inherited from global configuration
DocumentRoot "/var/www/html"
ServerName your_domain_name
ServerAlias www.your_domain_name
Protocols h2 http/1.1
<LocationMatch "^/(auth)/*">
ProxyPass http://127.0.0.1:8080
ProxyPassReverse http://127.0.0.1:8080
</LocationMatch>
...
...
...
</VirtualHost>
...
...
...
!wq
# service httpd restart
Ref
Author And Source
この問題について(How to Setup Docker Keycloak Behind Apache2.4 with SSL in AWS?), 我々は、より多くの情報をここで見つけました https://qiita.com/moonlightbox/items/b5a6f9955e4eb27083ba著者帰属:元の著者の情報は、元のURLに含まれています。著作権は原作者に属する。
Content is automatically searched and collected through network algorithms . If there is a violation . Please contact us . We will adjust (correct author information ,or delete content ) as soon as possible .