create a CA, self-sign a certificate and add https through an nginx in front of keycloak. - View it on GitHub