Overview¶
To closely replicate the behavior of CEDAR
in production environment, we will set up HTTPS access for nginx
later during the installation.
This means that the browser will communicate with the nginx
using https.
Nginx
acting as a reverse proxy will communicate using plain HTTP with the microservices and frontends behind it.
Since this is a development installation, it is not easy to get proper SSL certificates. To overcome this, we will use self-signed certificates for development.
There is also back-channel communication between microservices and Keycloak
.
In order to make this work, we will need to add our self-signed certificates to the Java truststore.