Dev team - any comments on the commercial certificates instead of the ones created by Keycloak?


From: Raghuram Prabhala <>
To: Keycloak-user <>
Sent: Thursday, January 21, 2016 2:23 PM
Subject: Realm Certificate from commercial Vendors

I have a question about the Certificate/private key which is generated today by Keycloak. But rather than use that certificate ,is there any way we can use a commercial Certificate from Vendors like Verisign? When that certificate expires, how do we generate/upload a new certificate (lifecycle) and handle the switch over to a new certificate with minimal impact to any of the client who will have to download the new certificate and use it when KC starts using the new one?