trying to mount in tls and cert files - legacy keycloak operator

Michael Schmidt

Jun 21, 2022, 5:32:30 PM
to Keycloak User
Hi there, due to what I believe is a bug in the Keycloak 18 x509 code flow, I am trying to get a deployment rolling of Keycloak 16 using the legacy operator. I have a custom TLS key and cert file I'd like Keycloak to use.

I can't seem to mount it to etc/x509/https/, as I am getting a CreateContainerError for a duplicate mount point. The CRD, when I put the files to the folder separately, is putting them into an etc/x509/https/tls.key/ folder and an etc/x509/https/tls.crt/ folder. I assume this means that the init container is putting down a tls.key and tls.cert in that folder?

My question is: what environment variable do I need to set to override the default location that Keycloak uses for the tls.key and tls.cert files? If I knew that, I could mount my certificates elsewhere and this would not be an issue.

My Keycloak deployment spec looks as follows:
  keycloakDeploymentSpec:
    experimental:
      env:
      # spelled X509_CA_BUNDEL in the original post; the legacy image reads X509_CA_BUNDLE
      - name: X509_CA_BUNDLE
        value: "path/to/ca/ca.crt"
      - name: HOSTNAME
        value: my.hostname.come
      volumes:
        # 0775 is broader than a private key needs; read access for the keycloak user is enough
        defaultMode: 0775
        items:
          - name: keycloak-certs
            mountPath: /etc/x509/https/
            secrets:
              - keycloak-key
              - keycloak-crt

I also mount the trust store in, but I am manually transcribing here. The point is that I was handling this before with an init container, which I don't seem to be able to do via the legacy operator. How are people doing this? Should I be bundling all three certs into a single JKS or something? If so, where should that be put in the container so that things work?

Michael Schmidt

Jun 28, 2022, 10:54:50 AM
to Keycloak User
This was resolved. The solution is to first create the secret the Keycloak operator is creating. That secret is called "sso-x509-https-secret", so create a secret of type tls in Kubernetes with your certs before creating the Keycloak instance.

If you have multiple certs, you will need to create each Keycloak instance in a different namespace.
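As an added example (not code from the thread or from the Keycloak project), here is a small POSIX shell script that produces the kubernetes.io/tls Secret the reply above says must exist before the Keycloak CR is created. It takes the name "sso-x509-https-secret" from the reply; the namespace "keycloak", the file names tls.crt and tls.key, and the PEM format of those files are assumptions. Before emitting the manifest it checks that the private key actually belongs to the certificate, since a mismatched pair would only show up later as a TLS handshake failure inside the pod. The kubectl steps are shown as comments because applying them needs a cluster.

```shell
#!/bin/sh
# Added example, not from the original thread. Builds the TLS Secret that the
# legacy Keycloak operator would otherwise generate, from your own cert/key,
# so that it exists before the Keycloak CR is applied.
# Assumed: namespace "keycloak", PEM files tls.crt and tls.key in the CWD.
set -eu

SECRET_NAME="sso-x509-https-secret"   # name given in the reply above
NAMESPACE="keycloak"                  # assumed; one Keycloak instance per namespace

# base64-encode a file as a single line, as Secret .data values require
base64_oneline() {
    base64 < "$1" | tr -d '\n'
}

# Succeed only if the certificate and the private key carry the same public key.
tls_pair_matches() {
    crt="$1"; key="$2"
    cert_pub=$(openssl x509 -in "$crt" -noout -pubkey 2>/dev/null || true)
    key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null || true)
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# Print a kubernetes.io/tls Secret manifest; refuse a key that does not match the cert.
tls_secret_manifest() {
    name="$1"; ns="$2"; crt="$3"; key="$4"
    if ! tls_pair_matches "$crt" "$key"; then
        echo "error: $key does not match $crt" >&2
        return 1
    fi
    printf 'apiVersion: v1\nkind: Secret\nmetadata:\n  name: %s\n  namespace: %s\ntype: kubernetes.io/tls\ndata:\n  tls.crt: %s\n  tls.key: %s\n' \
        "$name" "$ns" "$(base64_oneline "$crt")" "$(base64_oneline "$key")"
}

# Usage: ./make-tls-secret.sh tls.crt tls.key > secret.yaml
# Then, in this order:
#   kubectl create namespace keycloak            # once per instance
#   kubectl apply -f secret.yaml                 # the Secret first ...
#   kubectl apply -f keycloak.yaml               # ... then the Keycloak CR
if [ "$#" -eq 2 ]; then
    tls_secret_manifest "$SECRET_NAME" "$NAMESPACE" "$1" "$2"
fi
```

The manifest carries the namespace explicitly, which is what lets the "one instance per namespace" arrangement from the reply work: each namespace gets its own sso-x509-https-secret with its own certificate, and each Keycloak CR only sees the one in its namespace.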