Can I set multiple hostnames? Or can I set kerberos behind a reverse proxy?

jiny · August 22, 2022, 4:48am

Hi,

Setting hostname=b.com and sending https://b.com/realms/… works perfectly fine.
Kerberos works good.

But now I have keycloak behind a reverse proxy (a.com)
Setting hostname=a.com allows the oidc authentication but not kerberos.
I set the ProxyPass for 88 port as well, but I still get the NTLM prompt.
Changing the Keytab file and the Server Principal in the admin console to a.com also did not help.
(FYI. Both a.com and b.com keytabs were created in the AD server, not the proxy server.)

So I’m looking for a way to either:

Make kerberos work where keycloak is behind the reverse proxy

Set multiple hostnames in keycloak.conf

I found Keycloak Quarkus multiple hostname (googleusercontent.com) and [keycloak-user] Reverse Proxy Keycloak - Kerberos SPNEGO breaks (jboss.org) but both not have any answer…

Leon_BUDA · June 18, 2024, 1:17pm

I know it was a long time ago, but did you by any chance find an answer? I have the same problem now.

best regards
Leon

Topic		Replies	Views
Keycloak (not) responding to multiple names behind reverse proxy Configuring the server	3	3063	June 15, 2022
Keycloak on subpath and behind reverse proxy Configuring the server	1	47	December 20, 2025
Keycloak with different urls per realm, behind apache reverse proxy Configuring the server admin-console	8	188	March 1, 2025
Using Keycloak behind Kong proxy - redirection issue Configuring the server	2	2317	July 1, 2022
Understanding hostname/proxy settings Configuring the server	4	68	January 18, 2026

Can I set multiple hostnames? Or can I set kerberos behind a reverse proxy?

Related topics