keycloak: 18.1 conf/keycloak.conf can't process https-certificate-file
Describe the bug
On Debian10, the below works:
bin/kc.sh start --auto-build --https-certificate-key-file="path/to/privkey.pem" --https-certificate-file="path/to/fullchain.pem"
But below does not work – conf/keycloak.conf
https-certificate-key-file=path/to/privkey.pem
https-certificate-file=path/to/fullchain.pem
and cli:
bin/kc.sh start --auto-build
Version
18.1
Expected behavior
keycloak should run and accept connections from 8443
Actual behavior
Below error appears:
2022-06-23 09:20:32,384 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) ERROR: Failed to start server in (production) mode
2022-06-23 09:20:32,385 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) ERROR: "/path/to/fullchain.pem"
2022-06-23 09:20:32,390 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) Key material not provided to setup HTTPS. Please configure your keys/certificates or start the server in development mode.
How to Reproduce?
No response
Anything else?
No response
About this issue
- Original URL
- State: closed
- Created 2 years ago
- Comments: 15 (7 by maintainers)
It appears that the previous version of keycloak example conf for SSL didn’t contain a slash between the variable
${kc.home.dir}and literal path and the latest version does. So if you copy your old conf over it breaks. The fix is to add the slash between them. Example:vs
This saved my day w/ Keycloak 21.1.1. Switching to absolute path for
https-certificate-fileandhttps-certificate-key-fileinkeycloak.confmade the error “Key material not provided to setup HTTPS” disappear.