Keycloak and Nginx
Keycloak Behind a Reverse Proxy with HTTPS
Secure Keycloak with HTTPS
In this article, I will show how to run Keycloak behind Nginx with HTTPS. For simplicity, I will be using my local environment to deploy relevant services with Docker.
1) Create Dockerfile for local Nginx
I used mkcert to create certificates and install the local CA in the system trust store in petschenek/nginx image. If you want to specify some other domain names other than localhost, you can reconfigure the Dockerfile below:
2) Create a new Docker Network
Since the default bridge network that docker uses unless we specify another one while creating a container cannot provide automatic DNS resolution between containers and the -link flag is a legacy feature, we need to create an additional bridge network
docker network create keycloak-network
3) Add nginx.conf and docker-compose.yml files to your local
4) Run the containers
docker-compose up --build -d --force-recreate
Afterward you can access keycloak admin page via https://localhost in your browser