KeyCloak Server LOGIN_ERROR beim Zugriff auf den Server unter Windows ⇐ Java

[Anonymous]

KeyCloak 26.4.2 oder 26.4.5 und jdk-21 unter Windows 10 ausführen.

Code: Select all

    // script to generate and install certificate
function Generate-Certificate{
$keycloakInstallationDir = "C:\PathToCertificate"
try{
$certFileName = "keycloakCertificate.pfx"
$certFileFullPath="$keycloakInstallationDir\\$certFileName"
# Use only safe characters: A-Z, a-z, 0-9, and basic symbols (no quotes, backticks, backslashes, etc.)
$safeChars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!@#$%*+-=?"
$password = -join ((1..32) | ForEach-Object { $safeChars[(Get-Random -Maximum $safeChars.Length)] })
# Define the DNS name of the certificate
$dnsName = "VMA-XXXXXX"
Get-ChildItem -Path Cert:\LocalMachine\ROOT | Where-Object { $_.Subject -match $dnsName } | Remove-Item
if (-not (Get-ChildItem -Path Cert:\LocalMachine\ROOT | Where-Object { $_.Subject -match $dnsName })) {
$cert = New-SelfSignedCertificate `
-Subject $dnsName `
-DnsName $dnsName `
-NotAfter (Get-Date).AddYears(1) `
-KeyAlgorithm RSA `
-KeyLength 4096 `
-HashAlgorithm "SHA512"

$pfxPassword = ConvertTo-SecureString -String $password -Force -AsPlainText
Export-PfxCertificate -Cert $cert -FilePath "$certFileFullPath" -Password $pfxPassword
Import-PfxCertificate -FilePath "$certFileFullPath" -CertStoreLocation Cert:\LocalMachine\ROOT -Password $pfxPassword

# Store password in a file next to the certificate
$passwordFilePath = "$keycloakInstallationDir\\keycloakCertificate.pwd"
Set-Content -Path $passwordFilePath -Value $password -NoNewline
}
else {
Write-Host "Certificate with DNS name $dnsName already exists"
}
}
catch {
Write-Host "$($MyInvocation.MyCommand.Name) - $_.Exception.Message"
}
}

Terminalbefehl zum Starten von Keycloak:

Code: Select all

kc.bat start --verbose --https-key-store-file="C:/PathToCertificate/keycloakCertificate.pfx" --https-key-store-password="XXXXXXXX" --https-key-store-type=PKCS12 --hostname=VMA-XXXXXXXX --log-level=debug > log.txt

Auf die Erstellung des Admin-Benutzers kann unter https://localhost:8443 zugegriffen werden. Nach dem Erstellen des Admin-Benutzers erhalte ich Folgendes:
"Es tut uns leid... Ungültiger Parameter: weitergeleitet_uri
« Zurück zur Anwendung"
Fehler im Terminal:

Code: Select all

2025-11-19 20:59:54,604 WARN  [org.keycloak.events] (executor-thread-3) type="LOGIN_ERROR", realmId="dd01824c-d9be-4ace-822e-5c1232dc1577", realmName="master", clientId="security-admin-console", userId="null", ipAddress="10.113.157.61", error="invalid_redirect_uri", redirect_uri="https://vma-bf27cbdfbe:8443/admin/master/console/"