Package org.keycloak.services.x509
package org.keycloak.services.x509
-
ClassDescriptionThe provider allows to extract X.509 client certificate forwarded to keycloak configured behind the Apache reverse proxy.The provider retrieves a client certificate and the certificate chain (if any) from the incoming TLS connection.The factory and the corresponding providers extract a client certificate and the certificate chain (if any) from the incoming TLS connection.The provider allows to extract X.509 client certificate forwarded to the keycloak middleware configured behind the haproxy reverse proxy.The NGINX Provider extract end user X.509 certificate send during TLS mutual authentication, and forwarded in an http header.The factory and the corresponding providers extract a client certificate from a NGINX reverse proxy (TLS termination).The NGINX Trusted Provider verify extract end user X.509 certificate sent during TLS mutual authentication, verifies it against provided CA the and forwarded in an HTTP header along with a new header ssl-client-verify: SUCCESS.