wiki

User Tools

Site Tools

Trace: keycloak_installation_on_windows_and_linux iam_production_deployment_guide
iam_production_deployment_guide

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
iam_production_deployment_guide [2026/02/26 10:18] – [Proxy through NGINX] pradnyaiam_production_deployment_guide [2026/02/26 12:47] (current) – [cPanel's userdata include] pradnya
Line 331: Line 331:
 </code> </code>
  
-===== Proxy through NGINX =====+===== Proxy through NGINX - Droplet FIX =====
  
 To resolve on browser error "We are sorry… HTTPS required" To resolve on browser error "We are sorry… HTTPS required"
Line 426: Line 426:
 Start NginX Start NginX
  
-<code>systemctl restart nginx+<code> 
 +systemctl restart nginx 
 </code> </code>
  
Line 438: Line 440:
 |HTTP|TCP|80|All IPv4, All IPv6| |HTTP|TCP|80|All IPv4, All IPv6|
 |HTTPS|TCP|443|All IPv4, All IPv6| |HTTPS|TCP|443|All IPv4, All IPv6|
-|SSH|TCP|22| \\ All IPv4, All IPv6 \\ |+|SSH|TCP|22| \\ All IPv4, All IPv6
 + 
 +Allow Nginx to connect to local ports 
 +<code> 
 + 
 + setsebool -P httpd_can_network_connect 1 
 + 
 +#or 
 + 
 +setenforce 1 
 + 
 +</code> 
 + 
 +Stop docker and NginX and start again. 
 + 
 +===== cPanel's userdata include ===== 
 + 
 +**Step 1: Create the userdata directories** 
 + 
 +bash 
 + 
 +<code> 
 +mkdir -p /etc/apache2/conf.d/userdata/std/2_4/ctapi/kcloak.ctapi.in/ 
 +mkdir -p /etc/apache2/conf.d/userdata/ssl/2_4/ctapi/kcloak.ctapi.in/ 
 + 
 +</code> 
 + 
 +**Step 2: Create HTTP proxy config** 
 + 
 +bash 
 + 
 +<code> 
 +nano /etc/apache2/conf.d/userdata/std/2_4/ctapi/kcloak.ctapi.in/proxy.conf 
 + 
 +</code> 
 + 
 +Add: 
 + 
 +<code> 
 +RewriteEngine On RewriteRule ^(.*)$ https://kcloak.ctapi.in$1 [R=301,L]<code> 
 + 
 +**Step 3: Create HTTPS proxy config** 
 + 
 +bash 
 + 
 +<code>nano /etc/apache2/conf.d/userdata/ssl/2_4/ctapi/kcloak.ctapi.in/proxy.conf 
 + 
 +</code> 
 + 
 +Add: 
 + 
 +<code> 
 +ProxyPreserveHost On\ 
 +ProxyPass / http://127.0.0.1:8080/\ 
 +ProxyPassReverse / http://127.0.0.1:8080/
 +RequestHeader set X-Forwarded-Proto "https"
 +RequestHeader set X-Forwarded-Port "443" 
 + 
 +</code> 
 + 
 +**Step 4: Rebuild Apache config and restart** 
 + 
 +bash 
 + 
 +<code> 
 +/scripts/rebuildhttpdconf 
 +httpd -t 
 +systemctl restart httpd 
 + 
 +</code> 
 + 
 +Then test: 
 + 
 +bash 
 + 
 +<code> 
 +curl -I https://kcloak.ctapi.in 
 + 
 +</code> 
 + 
 +Expected result: 
 + 
 +<code> 
 +curl -I [[https://kcloak.ctapi.in/|https://kcloak.ctapi.in]] 
 + 
 +HTTP/1.1 302 Found Date: Thu, 26 Feb 2026 11:22:25 GMT 
 + 
 +Server: Apache 
 + 
 +Location: [[https://kcloak.ctapi.in/admin/|https://kcloak.ctapi.in/admin/]] 
 + 
 +Referrer-Policy: no-referrer 
 + 
 +Strict-Transport-Security: max-age=31536000; includeSubDomains 
 + 
 +X-Content-Type-Options: nosniff 
 + 
 +X-XSS-Protection: 1; 
 + 
 +mode=block 
 + 
 +</code> 
 + 
 +Check for **Location: https://kcloak.ctapi.in/admin/|https://kcloak.ctapi.in/admin/** 
 + 
 +This is poining to correct directory and not apache direcoty with cgi folder.
  
  
iam_production_deployment_guide.1772101122.txt.gz · Last modified: by pradnya