keycloak-scim/server_admin/topics/realms/ssl.adoc

[[_ssl_modes]]

=== SSL Mode

Each realm has an SSL Mode associated with it.  The SSL Mode defines the SSL/HTTPS requirements for interacting with the realm.
Browsers and applications that interact with the realm must honor the SSL/HTTPS requirements defined by the SSL Mode or they
will not be allowed to interact with the server.

WARNING:  {project_name} generates a self-signed certificate the first time it runs.  Please note that self-signed certificates are not secure, and should only be used for testing purposes.  It is highly recommended that you install a CA-signed certificate on the {project_name} server itself or on a reverse proxy in front of the {project_name} server.  See the link:{installguide_link}[{installguide_name}].

To configure the SSL Mode of your realm, you need to click on the `Realm Settings` left menu item and go to the `Login` tab.

.Login Tab
image:{project_images}/login-tab.png[]

The `Require SSL` option allows you to pick the SSL Mode you want.  Here is an explanation of each mode:

external requests::
  Users can interact with {project_name} without SSL so long as they stick to private IP addresses like `localhost`, `127.0.0.1`, `10.0.x.x`, `192.168.x.x`, and `172.16.x.x`.
  If you try to access {project_name} without SSL from a non-private IP address you will get an error.

none::
  {project_name} does not require SSL.  This should really only be used in development when you are playing around with things and don't want to bother
  configuring SSL on your server.

all requests::
  {project_name} requires SSL for all IP addresses.
fixing cross-references, adding and changing attribute id's 2016-06-01 08:49:54 +00:00			`[[_ssl_modes]]`
realms 2016-05-13 14:41:36 +00:00
			`=== SSL Mode`

			`Each realm has an SSL Mode associated with it. The SSL Mode defines the SSL/HTTPS requirements for interacting with the realm.`
			`Browsers and applications that interact with the realm must honor the SSL/HTTPS requirements defined by the SSL Mode or they`
			`will not be allowed to interact with the server.`

Update ssl.adoc 2019-01-24 02:03:20 +00:00			`WARNING: {project_name} generates a self-signed certificate the first time it runs. Please note that self-signed certificates are not secure, and should only be used for testing purposes. It is highly recommended that you install a CA-signed certificate on the {project_name} server itself or on a reverse proxy in front of the {project_name} server. See the link:{installguide_link}[{installguide_name}].`
realms 2016-05-13 14:41:36 +00:00
			To configure the SSL Mode of your realm, you need to click on the `Realm Settings` left menu item and go to the `Login` tab.

			`.Login Tab`
Convert documentation to AsciiDoctor 2017-08-28 12:50:14 +00:00			`image:{project_images}/login-tab.png[]`
realms 2016-05-13 14:41:36 +00:00
			The `Require SSL` option allows you to pick the SSL Mode you want. Here is an explanation of each mode:

			`external requests::`
Update ssl.adoc Clarify the description of 'external requests' SSL mode 2019-01-23 17:48:40 +00:00			Users can interact with {project_name} without SSL so long as they stick to private IP addresses like `localhost`, `127.0.0.1`, `10.0.x.x`, `192.168.x.x`, and `172.16.x.x`.
			`If you try to access {project_name} without SSL from a non-private IP address you will get an error.`
realms 2016-05-13 14:41:36 +00:00
			`none::`
Convert documentation to AsciiDoctor 2017-08-28 12:50:14 +00:00			`{project_name} does not require SSL. This should really only be used in development when you are playing around with things and don't want to bother`
realms 2016-05-13 14:41:36 +00:00			`configuring SSL on your server.`

RH602 and 642 updates 2016-12-01 22:17:15 +00:00			`all requests::`
Convert documentation to AsciiDoctor 2017-08-28 12:50:14 +00:00			`{project_name} requires SSL for all IP addresses.`