postgresql - Keycloak 无法连接到 Postgres：“需要 SSL 连接”

问题描述

我正在我的 Azure-Kubernetes-Cluster 上设置 KeyCloak。KeyCloak 应该连接到我的 Azure-Postgres 数据库。它失败：“致命：需要 SSL 连接。请指定 SSL 选项并重试。”

没有 Postgres（删除所有 DB-Attributes）Keycloak 工作正常（使用默认 h2），包括入口。找不到有关如何正确配置它的任何其他信息。

apiVersion: apps/v1
kind: Deployment
metadata:
  name: keycloak-deployment
  labels:
    app: keycloak
spec:
  replicas: 1
  selector:
    matchLabels:
      app: keycloak
  template:
    metadata:
      labels:
        app: keycloak
    spec:
      restartPolicy: Always
      containers:
      - name: keycloak
        image: jboss/keycloak
        imagePullPolicy: IfNotPresent          
        env:
          - name:  PROXY_ADDRESS_FORWARDING
            value: "true"
          - name: KEYCLOAK_USER
            value: "admin"
          - name: KEYCLOAK_PASSWORD
            value: "password"
          - name: JDBC_PARAMS
            value: "true"
          - name: DB_VENDOR
            value: "postgres"
          - name: DB_DATABASE
            value: "keycloak"
          - name: DB_ADDR
            value: "adress"
          - name: DB_PORT
            value: "5432"
          - name: DB_USER
            value: "keycloak@db"
          - name: DB_PASSWORD
            value: "password"
          - name: JDBC_PARAMS
            value: "ssl=true"
---

apiVersion: v1
kind: Service
metadata:
  name: keycloak
spec:
  ports:
    - name: https
      protocol: TCP
      port: 443
      targetPort: 8080
  selector:
    app: keycloak        
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: keycloak
  annotations:
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
    nginx.ingress.kubernetes.io/rewrite-target: /$1
spec:
  tls:
  - hosts:
    - host.de
    secretName: secret-name
  rules:
  - host: host.de
    http:
      paths:
      - path: /
        backend:
          serviceName: keycloak
          servicePort: 8080

我希望 keycloak 能够连接到 Postgres-DB。

标签： postgresqldockersslkuberneteskeycloak