Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Enhance keycloak-admin-client extension to support TLS trust and key stores #37243

Closed
barreiro opened this issue Nov 21, 2023 · 1 comment · Fixed by #43303
Closed

Enhance keycloak-admin-client extension to support TLS trust and key stores #37243

barreiro opened this issue Nov 21, 2023 · 1 comment · Fixed by #43303
Assignees
Labels
kind/enhancement New feature or request
Milestone

Comments

@barreiro
Copy link
Contributor

Description

When connecting to a keycloak instance that has TLS encryption enabled, for example when running in Openshift with a certificate provided by the Service CA, the certificate cannot be provided to the extension and the only option is to set it system-wide which requires elevated privileges to do.

After #37206 is possible to disable TLS verification altogether, but that may not be desired for other extensions.

In addition to that mutual TLS is not possible at all because we cannot set client certificate.

Implementation ideas

Should be something similar to what has been done for oidc client extension in #18012 .

@barreiro barreiro added the kind/enhancement New feature or request label Nov 21, 2023
@michalvavrik michalvavrik self-assigned this Jun 5, 2024
@michalvavrik
Copy link
Member

I think this should wait for #38811 considering major changes in REST client TLS registry.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
kind/enhancement New feature or request
Projects
None yet
Development

Successfully merging a pull request may close this issue.

2 participants