As an addition to our Setting Up A Keycloak Server For Authenticating To FileMaker series, we’ve documented the new approach to configuring the SSL certificate in Keycloak 16. Hopefully this is useful to more than just FileMaker folks:
It is also available on our website at soundsessential.com.
Thank-you for the informative article. It seems to be based on the assumption that the keystore contains a single entry. Sites with multiple entries in their keystore should use the ‘alias-filter’ attribute as shown below:
<file path="keycloak.jks" relative-to="jboss.server.config.dir"/>
<key-manager name="applicationKM" key-store="applicationKS" alias-filter="ALIAS" >
<server-ssl-context name="applicationSSC" key-manager="applicationKM"/>
Where 'ALIAS" matches the output of keytool -list -keystore keycloak.jks and ‘PASSWORD’ matches the password of the keystore.
This attribute is described here: Chapter 1. Securing the Server and Its Interfaces Red Hat JBoss Enterprise Application Platform 7.2 | Red Hat Customer Portal