Keycloak missing truststore

The nubus Keycloak configuration in values-nubus.yaml.gotmpl is missing an environment variable KC_TRUSTSTORE_PATHS to configure Keycloak truststore when Keycloak is acting as client and connecting to a remote server, for example to an IdP.

https://www.keycloak.org/server/outgoinghttp

https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/-/blob/develop/helmfile/apps/nubus/values-nubus.yaml.gotmpl?ref_type=heads#L247

  extraEnvVars:
    - name: "KC_TRUSTSTORE_PATHS"
      value: "/etc/ssl/certs/ca-certificates.crt"
    - name: "KC_HTTPS_TRUST_STORE_FILE"
      value: "/etc/ssl/certs/truststore.jks"

Note: The variable KC_HTTPS_TRUST_STORE_FILE configures the truststore for incoming mTLS requests where Keycloak is acting as server.

https://www.keycloak.org/server/mutual-tls