services.keycloak.database.caCert

The SSL / TLS CA certificate that verifies the identity of the database server.

Required when PostgreSQL is used and SSL is turned on.

For MySQL, if left at null, the default Java keystore is used, which should suffice if the server certificate is issued by an official CA.

Type

null or absolute path

Default

null

Declared

<nixpkgs/nixos/modules/services/web-apps/keycloak.nix>