Hi
We are trying to test Keycloak connecting to a MySQL database using TLS with self-signed
certificates.
The container where this Keycloak is running already has a truststore and a keystore file
to be used, but I can’t find documentation on how to proceed.
I saw that you can add the truststore with a block like:
    <spi name="truststore">
        <provider name="file" enabled="true">
            <properties>
                <property name="file" value="${env.APP_CONFIG_SSL_DATABASE_DIR}/truststore"/>
                <property name="password" value="${env.APP_STORE_PASS}"/>
                <property name="hostname-verification-policy" value="ANY"/>
                <property name="disabled" value="false"/>
            </properties>
        </provider>
    </spi>
But what about the keystore?
In a regular Java application I would need to run my Java jar file with something like
this, for example:
    java -Djavax.net.ssl.trustStore=${APP_TRUSTED_SERVERS} \
         -Djavax.net.ssl.trustStorePassword=${APP_STORE_PASS} \
         -Djavax.net.ssl.keyStore=${APP_KEYSTORE_CLIENT} \
         -Djavax.net.ssl.keyStorePassword=${APP_STORE_PASS} \
         -jar target/myjarfile.jar
In my truststore I would need to store the CA certificate from MySQL, and in my keystore
the client certificate to connect.
Then in my connection-url block I just define some booleans like useSSL, requireSSL and
verifyServerCertificate.
Thanks
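
The check below is an added example, not part of the original post and not Keycloak or MySQL project code: it audits a connection-url for the three booleans named in the post and for a source of the truststore and keystore, either the MySQL Connector/J URL properties trustCertificateKeyStoreUrl and clientCertificateKeyStoreUrl or the javax.net.ssl system properties from the java command above. The host, database name and file paths are constructed placeholders, and audit_jdbc_url is a hypothetical helper name.

```python
from urllib.parse import parse_qs

# Boolean URL options named in the post; each must be "true" for verified TLS.
REQUIRED_TRUE = ("useSSL", "requireSSL", "verifyServerCertificate")

# Connector/J URL property -> (JVM system property alternative, what it holds).
STORES = {
    "trustCertificateKeyStoreUrl": ("javax.net.ssl.trustStore", "MySQL CA certificate"),
    "clientCertificateKeyStoreUrl": ("javax.net.ssl.keyStore", "client certificate"),
}

def audit_jdbc_url(url, jvm_props=()):
    """Return findings (strings) for a jdbc:mysql:// URL; empty list means OK.

    jvm_props lists -D system properties already set on the JVM command line.
    """
    if not url.startswith("jdbc:mysql://"):
        return ["not a jdbc:mysql:// URL"]
    query = url.partition("?")[2]
    # If an option is repeated, audit its last value (an assumption of this sketch).
    params = {k: v[-1] for k, v in parse_qs(query, keep_blank_values=True).items()}
    findings = []
    for name in REQUIRED_TRUE:
        value = params.get(name)
        if value is None:
            findings.append(f"{name} is not set")
        elif value.lower() != "true":
            findings.append(f"{name}={value} weakens TLS")
    for url_prop, (sys_prop, holds) in STORES.items():
        if not params.get(url_prop) and sys_prop not in jvm_props:
            findings.append(f"no store for the {holds}: set {url_prop} or -D{sys_prop}")
    return findings

# Constructed sample URLs (host, database and paths are placeholders).
BASE = "jdbc:mysql://db.example.internal:3306/keycloak"
WEAK = BASE + "?useSSL=true&verifyServerCertificate=false"
STRICT = (BASE + "?useSSL=true&requireSSL=true&verifyServerCertificate=true"
          "&trustCertificateKeyStoreUrl=file:/path/to/truststore"
          "&clientCertificateKeyStoreUrl=file:/path/to/keystore")

if __name__ == "__main__":
    for label, url in (("weak", WEAK), ("strict", STRICT)):
        print(label, audit_jdbc_url(url) or "OK")
```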