keycloak-scim/server_admin/topics/realms/ssl.adoc
2017-08-28 20:10:09 +02:00

28 lines
1.4 KiB
Text

[[_ssl_modes]]
=== SSL Mode
Each realm has an SSL Mode associated with it. The SSL Mode defines the SSL/HTTPS requirements for interacting with the realm.
Browsers and applications that interact with the realm must honor the SSL/HTTPS requirements defined by the SSL Mode or they
will not be allowed to interact with the server.
WARNING: {project_name} is not set up by default to handle SSL/HTTPS.
It is highly recommended that you either enable SSL on the {project_name} server itself or on a reverse proxy in front of the {project_name} server.
To configure the SSL Mode of your realm, you need to click on the `Realm Settings` left menu item and go to the `Login` tab.
.Login Tab
image:{project_images}/login-tab.png[]
The `Require SSL` option allows you to pick the SSL Mode you want. Here is an explanation of each mode:
external requests::
Users can interact with {project_name} so long as they stick to private IP addresses like `localhost`, `127.0.0.1`, `10.0.x.x`, `192.168.x.x`, and `172..16.x.x`.
If you try to access {project_name} from a non-private IP address you will get an error.
none::
{project_name} does not require SSL. This should really only be used in development when you are playing around with things and don't want to bother
configuring SSL on your server.
all requests::
{project_name} requires SSL for all IP addresses.