Uploaded image for project: 'Red Hat build of Keycloak'
  1. Red Hat build of Keycloak
  2. RHBK-2663

mTLS stops functioning one hour after startup in RHBK26

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Major Major
    • 26.4.x, 26.2.10
    • 26.0.x
    • team/cloud-native
    • None
    • False
    • Hide

      None

      Show
      None
    • False

      From RHBK 26, certificate and key reloading feature is added.

      https://docs.redhat.com/en/documentation/red_hat_build_of_keycloak/26.0/html-single/server_configuration_guide/index#enabletls-certificate-and-key-reloading

      By default this reloads the certificate and key file every 1 hour, but due to this bug in Quarkus, mTLS stop functions after the first reloading.

      Workaround:
      Configure `https-certificates-reload-period=-1` to disable the reloading.

      Quarkus tracker: https://github.com/quarkusio/quarkus/issues/45565

      This will be implicitly fixed in RHBK 26.2 which will use newer Quarkus version.

              Unassigned Unassigned
              rh_vmuzikar Václav Muzikář
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated: