I have a question about the Certificate/private key which is generated today by Keycloak.
But rather than use that certificate ,is there any way we can use a commercial Certificate
from Vendors like Verisign? When that certificate expires, how do we generate/upload a new
certificate (lifecycle) and handle the switch over to a new certificate with minimal
impact to any of the client who will have to download the new certificate and use it when
KC starts using the new one?