Create Certificate Authority, TLS key and cert Create a private key openssl genrsa -out tls.key 2048 Create a CSR openssl req -new -key tls.key -out tls.csr Create a CA certificate openssl req -new -x509 -keyout ca.key -out ca.crt -days 365 -subj '/CN=localhost' Sign the CSR with the CA certificate to create server certificate openssl x509 -req -in tls.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out tls.crt -days 365 Create a new secret to hold the TLS key and certificate kubectl create secret tls keycloak-tls-secret --namespace YOUR_NAMESPACE --key tls.key --cert tls.crt