Configuring Keycloak for Productive Operation
Keycloak is shipped with an H2 database by default so that it can be used without further configuration. However, the H2 database is not suitable for productive operation due to security weaknesses and limited scalability.
To use Keycloak for secure productive operation, you should configure the following beforehand:
- TLS (Transport Layer Security)
- Hostname
- Reverse proxy/load balancer component
- SQL database
Note:
For more information on configuring databases for productive operation, see the official Keycloak documentation (https://www.keycloak.org):
- Connecting an alternative database to Keycloak for productive operation: https://www.keycloak.org/server/configuration-production (Guides > Server > Configuring Keycloak for Production)
- Connecting databases to Keycloak: https://www.keycloak.org/server/db (Guides > Server > Configuring the Database)
Note:
Please keep in mind that the settings differ depending on the type of the database.
For setting up an alternative database with Keycloak, you have to import the default Keycloak X4Realm and users.
For this purpose, use the scripts included in the <server directory>\keycloak\data\import (X4Realm-realm.json and X4Realm-users-0.json) folder.
Both scripts can be imported via an include mechanism described in the official Keycloak documentation: https://www.keycloak.org/server/importExport (Guides > Server > Importing and Exporting Realms).