Looks like either the change to ubi-minimal base image or change from JDK 8 to 11 has caused some regressions with regards to TLS: https://issues.jboss.org/browse/KEYCLOAK-11988 https://issues.jboss.org/browse/KEYCLOAK-12017 Not sure how many people are affected, but perhaps we could add an environment variable to enable TLS 1.1?