Hi,
In an effort to use keycloak as an IDP with Azure for multi factor
authentication, Azure expects the x5c property to be available in the JWK
when querying the jwks_uri.
The change would simply include the x5c property as part of the returned
JWK as described here (
https://tools.ietf.org/html/rfc7517#section-4.7).
In short, the x5c property contains the certificate chain.
The change would involve updating
core\src\main\java\org\keycloak\jose\jwk\JWKBuilder.java to generate the
certificate chain from the RsaKeyMetadata certificate.
Thanks