Self-signed Server SSL Certificate does not update

I am managing a Keycloak server that runs as a jboss/keycloak image on a Synology NAS. The Keycloak server is configured to use a self-signed SSL certificate (signed with our root certificate).
Now, I created a new root certificate and signed new server certificates (with openssl). I renamed the server certificate and key file to tls.crt and tls.key and uploaded these files to a folder (ssl-Folder) on the NAS. The ssl-Folder is mounted in the jboss/keycloak docker image via the docker-compose.yml file:
- ssl-Folder:/etc/x509/https

I restarted the jboss/keycloak docker-container via the terminal command
sudo docker restart
Additionally, I restarted the nas hosting the container.

If I log in to the running jboss/keycloak docker container via Portainer, I can see that the new tls.crt and tls.key files are available within the running container at the path /etc/x509/https and that they are readable for user/group/other. According to the jboss/keycloak user guide (Section “Setting up TLS (SSL)”): “The image will automatically convert them into a Java keystore and reconfigure Wildfly to use it”

However, if I open the address of the keycloak-server in my browser window it is shown that the connection is secured with the old ssl-certificate. It seems to me that the keystore is not updated automatically.

I further connected to the keycloak admin console and deleted the user/realm/keys cache (Master -> Realm Settings -> Cache). Still the new certificate is not used by the server.

What do I have to do to make the server use the new SSL certificates?

Were you able to resolve this issue?
I am having a similar issue and I am struggling to find a solution.

Hi alex_ER

I have had the same problem and I have solved it as follows:

1º Access the container
sudo docker exec -it container-name /bin/bash

2º Access the following directory and run the script:
cd /opjboss/tools/ ./

3º sudo docker restart container-id

And you got it. Hope that helps!
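
To confirm after the restart that the listener really presents the new certificate, compare the SHA-256 fingerprint of the mounted tls.crt with the certificate served over TLS. This is an added example, not part of the posts above or of the jboss/keycloak image; the host name and port in the usage comment are placeholders, and the two sample PEM constants are constructed stand-in bytes, not real certificates.

```python
import hashlib
import re
import ssl
import sys

PEM_BLOCK = re.compile(
    r"-----BEGIN CERTIFICATE-----.*?-----END CERTIFICATE-----", re.DOTALL
)

# Constructed stand-in bytes wrapped as PEM (not real certificates).
OLD_PEM = ssl.DER_cert_to_PEM_cert(b"constructed-old-server-cert")
NEW_PEM = ssl.DER_cert_to_PEM_cert(b"constructed-new-server-cert")


def leaf_fingerprint(pem_text: str) -> str:
    """SHA-256 fingerprint of the first certificate in a PEM file.

    tls.crt may hold the server certificate followed by its chain;
    the server (leaf) certificate is expected to come first.
    """
    match = PEM_BLOCK.search(pem_text)
    if match is None:
        raise ValueError("no PEM certificate block found")
    der = ssl.PEM_cert_to_DER_cert(match.group(0))
    digest = hashlib.sha256(der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def served_pem(host: str, port: int = 443) -> str:
    """Fetch the certificate the server presents. No chain validation is
    done, so this also works for a certificate signed by a private root."""
    return ssl.get_server_certificate((host, port))


def check_rollover(disk_pem: str, live_pem: str) -> str:
    """Compare the mounted tls.crt with what the TLS listener presents."""
    disk, live = leaf_fingerprint(disk_pem), leaf_fingerprint(live_pem)
    if disk == live:
        return "OK: server presents the certificate from tls.crt"
    return f"STALE: tls.crt={disk[:23]}... served={live[:23]}..."


if __name__ == "__main__":
    # Placeholder usage: python check_cert.py tls.crt keycloak.example.internal 8443
    path, host, port = sys.argv[1], sys.argv[2], int(sys.argv[3])
    with open(path) as fh:
        print(check_rollover(fh.read(), served_pem(host, port)))
```

A STALE result means the running server is still using a keystore built from the old files, which is the symptom described in the question.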