You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Exposed admin paths lead to an unnecessary attack vector.
One idea is for each administrator to create a key and self-signed client certificate, require client certificates for /admin/ paths in nginx configuration, and add those self-signed certificates to the nginx trusted certificate list.
The text was updated successfully, but these errors were encountered:
At https://www.keycloak.org/server/reverseproxy it says:
One idea is for each administrator to create a key and self-signed client certificate, require client certificates for
/admin/paths innginxconfiguration, and add those self-signed certificates to thenginxtrusted certificate list.The text was updated successfully, but these errors were encountered: