Uploaded image for project: 'Red Hat build of Keycloak'
  1. Red Hat build of Keycloak
  2. RHBK-1375

Fix CRL verification failing due to client cert not being in chain

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • 24.0.9
    • 24.0.x
    • source/customers
    • None
    • False
    • Hide

      None

      Show
      None
    • False

      When we Enable X509 Browser certificate authentication and turn CRL checking on with the CRL file option, the user always fails to authenticate. This seems to be due to Keycloak expecting a chain of certificates from the Client cert rather than just the client cert.

              mposolda@redhat.com Marek Posolda
              rhn-support-wfink Wolf Fink
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: