Skip to content

Apache configuration for Keycloak

  • KeyCloak needs a dedicated hostname or alias configured in DNS i.e. auth.local.ibfs.de
  • certificates for KeyCloak
  • configure vhost in http_ahssl.conf
<VirtualHost auth.kcserver:443>
    SSLEngine on
    ServerName auth.kcserver:443
    SSLCertificateFile "${SRVROOT}/conf/ssl/kcserver.pem"
    SSLCertificateKeyFile "${SRVROOT}/conf/ssl/kcserver.key"

    ProxyPreserveHost On
    ProxyRequests Off
    RequestHeader set X-Forwarded-Proto "https"
    RequestHeader set X-Forwarded-Port "443"

    ProxyPass / http://localhost:<kcport>/
    ProxyPassReverse / http://localhost:<kcport>/
</virtualhost>