dcm4chee-arc-light: How to change arc's env 'AUTH_SERVER_URL' to another url?

[LeoGut]

Hello!

Following this installation guide for docker - Run-secured-archive-with-Elastic-Stack, it works perfectly.

That means I published the following forts among many others:
keycloak:8843
arc:8443

Then I placed keycloak behind nginx without external ports published, just like in this post and the .config looks something like shown below: 

server {

listen 443 ssl;

server_name my.domain;

ssl_certificate /etc/nginx/ssl/certificate.crt;

ssl_certificate_key /etc/nginx/ssl/certificate.key;

location /auth {

resolver 127.0.0.11 valid=10s;

proxy_pass https://keycloak:8843/auth;

proxy_set_header Host $host;

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_set_header X-Forwarded-Proto $scheme;

}
...
}

The problem appears when I tried to change arc's environment variable:

-e AUTH_SERVER_URL=https://my.domain:8843/auth 
to 

-e AUTH_SERVER_URL=https://my.domain/auth 

It gives me internal server error when I try to open the regular archive-ui address:
https://my.domain:8443/dcm4chee-arc/ui2

Is it possible to point my archive-ui to a keycloak in a different host, or at least, to a keycloak without the port 8843 published?

I tried a few tricks like:
$ docker exec arc sh -c 'curl -vk $AUTH_SERVER_URL'
and nothing wrong seemed to happen.

[LeoGut]

Hello, for now, the reply about the 'env DISABLE_TRUST_MANAGER' does the trick and lets me connect to keycloak without an 'internal server error' message.
As far as I understand it, I am having isues with a wrong certificate.
I will fix it from now on ... hope it solves it.