Quick setup of SSL certificates using CERTBOT on KEYCLOAK
Very often, we are welcomed with the window shown below if the SSL certificates are not configured properly on KEYCLOAK, the Open Source Identity and Access Management for Modern Applications and Services. Here, I will state a couple of quick steps to get SSL enabled on KEYCLOAK (set up on Google Cloud).
Step 1: certbot certonly --standalone -d whatever.com
This will result in creating the following certificate artifacts:
Step 2: Export these artifacts into a PKCS12 keystore using the following command line:
openssl pkcs12 -export -inkey privkey.pem -in fullchain.pem -out kc.pkcs12 -name whatever.com
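Step 3: Edit the security-realm in the KEYCLOAK configuration file at keycloak/standalone/configuration/standalone.xml:
<security-realm name="ApplicationRealm">
    <server-identities>
        <ssl>
            <!-- kc.pkcs12 must sit in standalone/configuration (jboss.server.config.dir); both passwords must equal the export password set in Step 2 -->
            <keystore path="kc.pkcs12" relative-to="jboss.server.config.dir" keystore-password="changeit" alias="whatever.com" key-password="changeit" />
        </ssl>
    </server-identities>
    <!-- the realm's existing <authentication> and <authorization> elements stay as they are -->
</security-realm>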
Step 4: Restart the SERVER and you are ready to Rock n Roll.
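Let's Encrypt certificates expire after 90 days, so the Step 2 export has to be repeated after every renewal. The script below is an added example, not part of the original post: it goes one step beyond the steps above by wrapping the same export in a function that can run as a certbot --deploy-hook, and by checking that the resulting keystore opens with the configured password and matches the private key. KC_CONF, KC_PASS_FILE, their default paths and the function names are assumptions.

```bash
#!/bin/sh
# Added example, not from the original post. KC_CONF, KC_PASS_FILE and the
# function names are assumptions chosen for illustration.

# export_keystore LINEAGE_DIR OUT_FILE ALIAS PASS_FILE
# Same export as Step 2, but the password is read from a file (first line)
# instead of a prompt, and the keystore is written 0600 and swapped in atomically.
export_keystore() {
    [ -r "$1/privkey.pem" ] && [ -r "$1/fullchain.pem" ] || return 2
    ks_tmp=$(mktemp "$2.XXXXXX") || return 1        # mktemp creates the file 0600
    openssl pkcs12 -export -inkey "$1/privkey.pem" -in "$1/fullchain.pem" \
        -out "$ks_tmp" -name "$3" -passout "file:$4" \
        || { rm -f "$ks_tmp"; return 1; }
    mv -f "$ks_tmp" "$2"
}

# keystore_matches_key KEYSTORE PASS_FILE KEY_FILE
# Succeeds only if the keystore opens with the password and the public key in
# its leaf certificate equals the public key derived from KEY_FILE.
keystore_matches_key() {
    ks_cert_pub=$(openssl pkcs12 -in "$1" -passin "file:$2" -nokeys -clcerts 2>/dev/null \
        | openssl x509 -noout -pubkey 2>/dev/null) || return 1
    ks_key_pub=$(openssl pkey -in "$3" -pubout 2>/dev/null) || return 1
    [ -n "$ks_cert_pub" ] && [ "$ks_cert_pub" = "$ks_key_pub" ]
}

# certbot sets RENEWED_LINEAGE (the live/<name> directory) when it runs this
# file as a --deploy-hook; without it the file only defines the functions.
if [ -n "${RENEWED_LINEAGE:-}" ]; then
    KC_CONF=${KC_CONF:-/opt/keycloak/standalone/configuration}   # assumed path
    KC_PASS_FILE=${KC_PASS_FILE:-/etc/keycloak/keystore.pass}     # assumed path
    export_keystore "$RENEWED_LINEAGE" "$KC_CONF/kc.pkcs12" \
        "$(basename "$RENEWED_LINEAGE")" "$KC_PASS_FILE" || exit 1
    keystore_matches_key "$KC_CONF/kc.pkcs12" "$KC_PASS_FILE" \
        "$RENEWED_LINEAGE/privkey.pem" || exit 1
    # chown the keystore to the Keycloak service account if it differs from
    # the user certbot runs as, then restart the server (Step 4).
    echo "kc.pkcs12 rebuilt from $RENEWED_LINEAGE"
fi
```

The password file holds the same value as keystore-password and key-password in standalone.xml and should be readable only by the account that runs the hook.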