Invalid parameter: redirect_uri

5,009 views
Skip to first unread message

rschiec...@gmail.com

unread,
Sep 21, 2017, 4:09:53 PM9/21/17
to dcm4che
Hello.


I'm having troubles with creating the OIDC client. I entered https://hostname:8443/dcm4chee-arc/ui2 as the root value and http://hostname:8080/dcm4chee-arc/ui2/* as the Valid Redirect URI in the admin console.


When I try to access http://hostname:8080/dcm4chee-arc/ui2 a page is displayed that just says "We're sorry... Invalid parameter: redirect_uri"


In the keycloak logfile it reports:


2017-09-21 18:04:31,995 WARN [org.keycloak.events] (default task-2) type=LOGIN_ERROR, realmId=dcm4che, clientId=dcm4chee-arc-ui, userId=null, ipAddress=162.5.36.86, error=invalid_redirect_uri, redirect_uri=https://hostname:8443/dcm4chee-arc/ui2/


I am using a valid, resolvable hostname and I am completely stuck here.


Any ideas?

Gunter Zeilinger

unread,
Sep 22, 2017, 7:49:23 AM9/22/17
to dcm...@googlegroups.com

--
You received this message because you are subscribed to the Google Groups "dcm4che" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dcm4che+unsubscribe@googlegroups.com.
To post to this group, send email to dcm...@googlegroups.com.
Visit this group at https://groups.google.com/group/dcm4che.
For more options, visit https://groups.google.com/d/optout.

ivan....@idi.gencat.cat

unread,
Sep 22, 2017, 9:59:55 AM9/22/17
to dcm4che
Hi,

I have the same problem because i dont have a dns server. My solution, use the /etc/hosts file and pass to the docker container machine using the docker-compose.yml

Regards,
Iván

El dijous, 21 setembre de 2017 22:09:53 UTC+2, rschiec...@gmail.com va escriure:

rschiec...@gmail.com

unread,
Sep 22, 2017, 6:34:25 PM9/22/17
to dcm4che
Wow.  It looks like this is an SSL issue.   Since we aren't allowed to use self-signed certificates in our production environments I submitted a CSR to our own authority and make a key.jks file.   I mapped this into the dcm4chee_arc_1 and dcm4chee_keycloak_1 containers.  The behavior was strange and not consistent.  Sometimes I would get the "redirect_uri" error.  Other times it would return "client not found".   I noticed this error in the wildfly logs:

sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

So I pulled out the cacerts.jks and it looks like the attached file.

So now my question is how do I make a truststore (cacerts.jks) that works with my keystore (key.jks)?  Is anyone else using their own CA (not self signed) with a keystore/truststore that works with dcm4chee-arc-light?

MUCH thanks in advance if you can help!


On Friday, September 22, 2017 at 4:49:23 AM UTC-7, gunterze wrote:
On Thu, Sep 21, 2017 at 10:09 PM, <rschiec...@gmail.com> wrote:
Hello.


I'm having troubles with creating the OIDC client. I entered https://hostname:8443/dcm4chee-arc/ui2 as the root value and http://hostname:8080/dcm4chee-arc/ui2/* as the Valid Redirect URI in the admin console.


When I try to access http://hostname:8080/dcm4chee-arc/ui2 a page is displayed that just says "We're sorry... Invalid parameter: redirect_uri"


In the keycloak logfile it reports:


2017-09-21 18:04:31,995 WARN [org.keycloak.events] (default task-2) type=LOGIN_ERROR, realmId=dcm4che, clientId=dcm4chee-arc-ui, userId=null, ipAddress=162.5.36.86, error=invalid_redirect_uri, redirect_uri=https://hostname:8443/dcm4chee-arc/ui2/


I am using a valid, resolvable hostname and I am completely stuck here.


Any ideas?

--
You received this message because you are subscribed to the Google Groups "dcm4che" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dcm4che+u...@googlegroups.com.
cacerts.jpg

gunterze

unread,
Sep 23, 2017, 1:33:19 AM9/23/17
to dcm4che
It's a different problem!

If you have no DNS you may also just use the IP. Otherwise you would have to add an entry in the hosts file at any client you want to use the Web UI!

gunterze

unread,
Sep 23, 2017, 1:38:46 AM9/23/17
to dcm4che
Import your root certificate into cacerts.jks using keytool -importcert.

rschiec...@gmail.com

unread,
Oct 3, 2017, 1:42:40 PM10/3/17
to dcm4che
That fixed it.  Thanks!

keeneye

unread,
Jul 23, 2018, 11:14:03 AM7/23/18
to dcm4che
Hi Gunterze,

Greetings!

Sorry I am new to this step and a i am stock to the "Invalid parameter: redirect_uri" page.
Is it possible to give me details of how to import root certificate into cacerts.jks using keytool -importcert.

I was checking wildfly folder but there is no cacerts.jks available.

Thank so much for considering and taking time for this request.

Best Regards,
Arnold

keeneye

unread,
Jul 24, 2018, 8:54:24 AM7/24/18
to dcm4che
Please disregard my below request. I have figured out the problem. my keycloak client settings is incorrect.

Thank you.
Message has been deleted

keen eye

unread,
Jul 27, 2018, 3:18:09 AM7/27/18
to dcm...@googlegroups.com
Dear Amms,

My Error is in the Clients>>dcm4chee-arc-ui settings of keycload i also put a value in Root URL which is /dcm4chee-arc/ui2/*.
and in the Secure Wildfly configuration steps 19 and 20, i put the value version of dcm4chee arc as 5.13. 2 instead of 5.13.3.

Hope it helps.

Thank you.

On Tue, Jul 24, 2018 at 9:40 PM, Amms <amrit...@gmail.com> wrote:

Hello keeneye,

Can you please mention how you fix the problem. I also have same issue of inavalid redirect uri

--
You received this message because you are subscribed to the Google Groups "dcm4che" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dcm4che+unsubscribe@googlegroups.com.

Ganeshbabu Nageswararao

unread,
Jan 24, 2019, 11:29:36 PM1/24/19
to dcm4che

my keyclock url - https://192.168.2.1:8443 my gerrit apps - http://192.168.1.1:7070 so i used valid urls in keycloack client as - http://192.168.1.1:7070

my gerrit.config

[plugin "gerrit-oauth-provider-keycloak-oauth"]
        root-url = https://192.168.2.1:8443
        realm = master
        client-id = gerrit

But i am getting error as in UI when gerrit redirect to keycloack We're sorry Invalid parameter: redirect_uri Could you please help me how to resolve it ...





On Friday, July 27, 2018 at 12:48:09 PM UTC+5:30, keeneye wrote:
Dear Amms,

My Error is in the Clients>>dcm4chee-arc-ui settings of keycload i also put a value in Root URL which is /dcm4chee-arc/ui2/*.
and in the Secure Wildfly configuration steps 19 and 20, i put the value version of dcm4chee arc as 5.13. 2 instead of 5.13.3.

Hope it helps.

Thank you.
On Tue, Jul 24, 2018 at 9:40 PM, Amms <amrit...@gmail.com> wrote:

Hello keeneye,

Can you please mention how you fix the problem. I also have same issue of inavalid redirect uri




On Tuesday, July 24, 2018 at 6:24:24 PM UTC+5:30, keeneye wrote:
Please disregard my below request. I have figured out the problem. my keycloak client settings is incorrect.

Thank you.

On Monday, July 23, 2018 at 11:14:03 PM UTC+8, keeneye wrote:
Hi Gunterze,

Greetings!

Sorry I am new to this step and a i am stock to the "Invalid parameter: redirect_uri" page.
Is it possible to give me details of how to import root certificate into cacerts.jks using keytool -importcert.

I was checking wildfly folder but there is no cacerts.jks available.

Thank so much for considering and taking time for this request.

Best Regards,
Arnold

--
You received this message because you are subscribed to the Google Groups "dcm4che" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dcm4che+u...@googlegroups.com.
Reply all
Reply to author
Forward
0 new messages