3 Replies Latest reply on Jan 16, 2015 8:32 PM by Ken Finnigan

    Is liveoak distributed with SSL enabled?

    Peter Huncar Newbie

      Or should I manually set up SSL for WildFly?

       

      I installed liveoak, started it, but after trying to access admin page not from localhost, I get a page informing me that HTTPS is required.

      I don't know if it's related (well, it's SSL related), I'm getting the following error during startup:

       

      ERROR [io.undertow.client] (ServerService Thread Pool -- 50) UT005026: Jetty ALPN support not found on boot class path, SPDY client will not be available.

       

      When accessing liveoak from localhost, everything works, (no ssl required).

       

      Thanks

       

      Regards

       

      Peter

        • 1. Re: Is liveoak distributed with SSL enabled?
          Ken Finnigan Master

          As with WildFly, LiveOak does not have SSL enabled by default.

           

          The Undertow error is related to SPDY, which we don't use, so it can be ignored.

           

          Was the server started with "-b 0.0.0.0" ? If not, the server won't be accessible by anything except localhost.

           

          I've accessed it from other hosts without SSL enabled, so that shouldn't be the issue.

           

          Hope that helps

          Ken Finnigan

          Project Lead

          • 2. Re: Is liveoak distributed with SSL enabled?
            Peter Huncar Newbie

            Hello

             

            Yes, I'm following liveoak.io documenattion. It does not matter what IP I use for liveoak to bind. 0.0.0.0, 127.0.0.1 or real external IP, I get the same page after accessing admin.

            You can check it by yourself (bound to 0.0.0.0) http://46.28.108.121:8080

            However, if I connect to a local IP (I'm using a ssh tunnel and putty socks proxy functionality) it works like charm.

             

            Regards

             

            Peter

            • 3. Re: Is liveoak distributed with SSL enabled?
              Ken Finnigan Master

              Apologies Peter,

               

              I think I know what the issue is now.

               

              I believe it's related to Keycloak being configured to only allow access to the admin console from localhost:8080

               

              What you will need to do is modify the URLs that are defined within Keycloak that define how the console will be accessed. You can use the directions here for details on how to access the Keycloak admin console. You will need to set the Redirect URIs, Base URL, and Web Origins to have the URLs that include the IP address or hostname under which they will be accessed, instead of localhost.

               

              Regards

              Ken