We have installed :
- traefik 2.0 via helm chart
- keycloak via helm chart (cluster ip with 80/8443 ports)
Using HTTP and ingressroutes to access Keycloak gui on auth/admin works fine
Issue arise when we try to use 443 to 8443 redirection, shows internal errors and wrong auth in keycloak logs
After reading through, find out that when keycloak is behind reverse proxy and couple lbs, some of the required for HTTPs headers are lost
So, I guess these ones are missing after ELB > Traefik > Keycloak traffic passthrough :
- X-Forwarded-For
- X-Forwarded-Proto
And even in keycloak docs those are required.
So, my questions, can someone help on settings this through traefik middleware?
When using nginx there are multiple examples like
proxy_set_header *Host $host*;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
P.S : I don't want to authenticate ingress with using keycloak (forward headers to authentication server ), but have working ingress for accessing keycloak APIs
Would love to have an example
Best Regards,
Vlad