Set Up Keycloak (26) Behind a Caddy Proxy

Overview

Recently, I upgraded Keycloak from 17 to 26. The update was swift. Keycloak did all the database migration. However, after the upgrade, the site broke.

I set up Keycloak behind a Caddy proxy.

I hope this saves you some hours.

Caddy’s config

http://your-site.xyz.io {
  redir https://{host}{uri} permanent
}
https://your-site.xyz.io {
  tls internal

  reverse_proxy keycloak:8080 {
    header_up X-Forwarded-Proto https
    header_up X-Forwarded-For {remote_host}
    header_up X-Forwarded-Host {host}
    header_up Host {host}
  }
}

Keycloak’s config

DB_VENDOR=mariadb
DB_ADDR=keycloak_db:3306
DB_DATABASE=keycloak_1
DB_USER=root
DB_PASSWORD=xxxxxxxxxxxx
KEYCLOAK_USER=xxxxxxxxxxx
KEYCLOAK_PASSWORD=xxxxxxxxx


KC_DB=mariadb
KC_DB_URL_HOST=keycloak_db:3306
KC_DB_DATABASE=keycloak_1
KC_DB_URL=jdbc:mariadb://keycloak_db:3306/keycloak_1
KC_DB_USERNAME=root
KC_DB_PASSWORD=xxxxxxxxxxx
KC_ADMIN=ickc_114
KC_ADMIN_PASSWORD=xxxxxxxxxx
KC_THEME=keywind


KC_PROXY=edge
KC_HTTP_ENABLED=true
PROXY_ADDRESS_FORWARDING=true
KC_PROXY_HEADERS=xforwarded

You may have struggled with mixed content issues; lines 21 to 24 of the Keycloak config above (the four proxy settings, KC_PROXY to KC_PROXY_HEADERS) solved that for me.

Important changes

If you get a 404 on URLs such as /auth/realms/ukata/protocol/openid-connect/3p-cookies/step1.html in Keycloak 26, try removing the auth/ path.
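
A quick way to confirm both fixes is to inspect the URLs Keycloak advertises in its OpenID Connect discovery document (/realms/ukata/.well-known/openid-configuration). The following is an added example, not part of the original post: the function names and both sample documents are constructed for illustration, and the hostname and realm are the ones used above.

```python
# Added example (not from the original post): audit the URLs in a discovery document.
from urllib.parse import urlsplit

PUBLIC_HOST = "your-site.xyz.io"  # public hostname from the Caddy config

def audit_discovery(doc, public_host=PUBLIC_HOST):
    """Return (field, problem) pairs for advertised URLs that will break browsers."""
    findings = []
    for field, value in sorted(doc.items()):
        if not (isinstance(value, str) and "://" in value):
            continue  # skip lists, booleans and non-URL strings
        url = urlsplit(value)
        if url.scheme != "https":
            findings.append((field, "not https (mixed content on an https page)"))
        if url.hostname != public_host:
            findings.append((field, "host is not the public hostname"))
        if url.path.startswith("/auth/"):
            findings.append((field, "legacy /auth prefix"))
    return findings

def strip_legacy_auth(url):
    """Drop the leading /auth segment from a URL saved for the old path layout."""
    parts = urlsplit(url)
    if parts.path.startswith("/auth/"):
        parts = parts._replace(path=parts.path[len("/auth"):])
    return parts.geturl()

# Constructed sample exercising both failure modes: forwarded proto ignored
# (http scheme) and forwarded host ignored (container name advertised).
BROKEN = {
    "issuer": "http://your-site.xyz.io/realms/ukata",
    "authorization_endpoint":
        "http://your-site.xyz.io/realms/ukata/protocol/openid-connect/auth",
    "jwks_uri": "http://keycloak:8080/realms/ukata/protocol/openid-connect/certs",
    "grant_types_supported": ["authorization_code"],
}
# Constructed sample: the same document once the proxy settings take effect.
FIXED = {k: v.replace("http://keycloak:8080", "https://your-site.xyz.io")
             .replace("http://", "https://") if isinstance(v, str) else v
         for k, v in BROKEN.items()}

if __name__ == "__main__":
    for field, problem in audit_discovery(BROKEN):
        print(f"{field}: {problem}")
    print(strip_legacy_auth("https://your-site.xyz.io/auth/realms/ukata"
                            "/protocol/openid-connect/3p-cookies/step1.html"))
```

An empty result from audit_discovery means every advertised endpoint uses https on the public hostname, which is what a browser needs to avoid mixed content.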
