I made a post not to long ago about making an OIDC RP manaully. That post did not include using SSL either. This guide will includ ethe usage of the K-H-C-I (Keycloak httpd client install) tool and will be adding the SSL feature. I will assume that you already have a Keycloak server connected to IPA from the earlier posts. Keep in mind that the K-H-C-I tool that I am using is currently being changed and polished. I have been working on the tool to add the support for OIDC. They may be a some errors and bugs!

The first thing we’re going to have to do is inside the admin client of Keycloak. Navigate to https://idp.keycloak.test:8443/auth. Make sure you are in your test realm with your SSSD provider.

This is the first post where I will be installing Keycloak using FreeIPa for User Federation. I will be using mod_auth_openidc to configure an SP to provide authentication with Keycloak IdP.

You will want another machine/VM to host your Keycloak server. It will cause all kinds of problems if you try to set up the Keycloak Server on same machine as the IPA server. So make sure you’re on another machine/VM for this part of the tutorial.

This is the fourth part of my Keycloak and FreeIPA tutorial. I have already setup a FreeIPA server and a Keycloak server

Set up hostname

Sometimes I have trouble with using:

What is SSSD?

I am using an openstack vm that is running a newer version of CentOs.