...
Code Block | ||||
---|---|---|---|---|
| ||||
apiVersion: v1 kind: Secret metadata: name: cm-keycloak-jwk-pw namespace: default type: Opaque data: password: Y2hhbmdlaXQ= --- apiVersion: cert-manager.io/v1 kind: Certificate metadata: name: keycloak-server-cert namespace: default spec: secretName: cm-keycloak-server-certs duration: 2160h # 90d renewBefore: 360h # 15d subject: organizations: - oran organizationalUnits: - oran countries: - IE localities: - Dublin streetAddresses: - Main Street commonName: keycloak isCA: false keystores: jks: create: true passwordSecretRef: name: cm-keycloak-jwk-pw key: password privateKey: algorithm: RSA encoding: PKCS1 size: 2048 usages: - server auth dnsNames: - keycloak.default - keycloak - keycloak.est.tech emailAddresses: - server@mail.com issuerRef: name: cm-ca-issuer kind: Issuer group: cert-manager.io |
his This certificate creates a secret "cm-keycloak-server-certs" containing 5 data items: tls.key (private key), tls.crt (Corresponding certificate), ca.crt (CA certificate), keystore.jks (keystore) and truststore.jks (truststore)
...