Keycloak and Nginx

Keycloak Behind a Reverse Proxy with HTTPS

Secure Keycloak with HTTPS

Open source identity and access management solution

In this article, I will show how to run Keycloak behind Nginx with HTTPS. For simplicity, I will be using my local environment to deploy relevant services with Docker.

1) Create Dockerfile for local Nginx

I used mkcert to create certificates and install the local CA in the system trust store in petschenek/nginx image. If you want to specify some other domain names other than localhost, you can reconfigure the Dockerfile below:

2) Create a new Docker Network

Since the default bridge network that docker uses unless we specify another one while creating a container cannot provide automatic DNS resolution between containers and the -link flag is a legacy feature, we need to create an additional bridge network

docker network create keycloak-network 

3) Add nginx.conf and docker-compose.yml files to your local

4) Run the containers

docker-compose up --build -d --force-recreate 

Afterward you can access keycloak admin page via https://localhost in your browser

RESOURCES:

mkcert.org

Running Keycloak in a container

Using a reverse proxy