Configure HTTPS for Keycloak - metadatacenter-attic/cedar-docs GitHub Wiki

In order to secure the communication between Nginx and Keycloak, we need to set up Keycloak to listen to HTTPS requests on port 443.

To do that, we need to add a certificate to the underlying Keycloak JBoss server.

For OS X, in order to keep things simple during development, we will use the pre-generated Java keystore file.

On RHEL 6.6 we suppose that we have a staging or live server, so we will generate a certificate with a tool called keytool. After that, we proceed in the same way as in the case of the OS X system.