I am trying to create Keycloak as an Identity Provider in the console but I am getting a
"Could not connect to openid configuration of provider" when I click get thumbprint.
I am able to create the OIDC provider through the CLI, but when I try to do a AssumeRoleWithWebIdentity call, I get
"couldn't retrieve verification key from your identity provider, please reference AssumeRoleWithWebIdentity documentation for requirements"
I have referenced https://forums.aws.amazon.com/thread.jspa?threadID=248411&tstart=0 and https://forums.aws.amazon.com/thread.jspa?messageID=600673
The jwks uri exists at the provider url appended with "/.well-known/openid-configuration".
I am using self signed certs for Keycloak, and still not entirely sure whether this is okay.
I have also referenced https://forums.aws.amazon.com/thread.jspa?threadID=254423 and have tried with both wildcard and non-wildcard self signed certs.
Been stuck on this for a while, anyone have any insight? Thank you.
AWS 官方已更新 2 年前