I’ve got a fairly complicated setup where keycloak 21 is implemented for a project in openshift.
I have created a trusstore.jks file (the same) for
SSO_TRUSTSTORE,
KC_HTTPS_TRUST_STORE_FILE
KC_SPI_TRUSTSTORE_FILE_FILE
So I can do User Federation with LDAPS against AD.
And everything works just fine. But now traefik has been implemented in front of keycloak and it uses the internal openshift route to keycloak https://keycloak:8553 and not the openshift exposed route.
Traefik cannot run in secured mode as it get the original selfsigned certificate from keycloak that was created on container creation !
What am I missing ?