fph*_*lip 6 apache reverse-proxy mod-proxy httpd.conf keycloak
在我的apache服务器后面配置keycloak有问题,
混合内容:" https://dev.mydomain.com/auth/admin/master/console/ " 页面是通过HTTPS加载的,但请求了一个不安全的脚本" http://dev.mydomain.com/auth/resources /1.7.0.final/admin/keycloak/js/controllers/groups.js '.此请求已被阻止; 内容必须通过HTTPS提供.
我的apache配置是,
ServerName dev.mydomain.com
ServerAdmin dev@mydomain.com
SSLEngine on
SSLCertificateFile /opt/mydomain/domains/dev.mydomain.com/apache/dev.mydomain.com.crt
SSLCertificateKeyFile /opt/mydomain/domains/dev.mydomain.com/apache/dev.mydomain.com.key
SSLCertificateChainFile /opt/mydomain/domains/dev.mydomain.com/apache/dev.mydomain.com.ca-bundle
DocumentRoot /opt/mydomain/domains/dev.mydomain.com/apache/htdocs
<Directory /opt/mydomain/domains/dev.mydomain.com/apache/htdocs>
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
Require all granted
</Directory>
ProxyRequests Off
ProxyPreserveHost On
RequestHeader set X-Forwarded-Proto "https"
RequestHeader set X-Forwarded-Port "443"
<Proxy https://dev.mydomain.com/* >
Order deny,allow
Deny from all
Allow from all
</Proxy>
ProxyPass /auth http://localhost:10082/auth nocanon
ProxyPassReverse /auth http://localhost:10082/auth
知道什么是错的吗?
您还需要更新Wildfly配置,如在反向代理上启用SSL - >配置WildFly中所述
如果您要查找Wildfly CLI配置,请查看此处:
$ jboss-cli.sh -standalone --file=batch.cli
# batch.cli
embed-server --std-out=echo
batch
/subsystem=undertow/server=default-server/http-listener=default:write-attribute(name=proxy-address-forwarding,value=true)
/subsystem=undertow/server=default-server/http-listener=default:write-attribute(name=redirect-socket,value=proxy-https)
/socket-binding-group=standard-sockets/socket-binding=proxy-https:add(port=443)
run-batch
stop-embedded-server