--- /dev/null
+#
+# ============LICENSE_START=======================================================
+# Copyright (C) 2023 Nordix Foundation.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+#
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+ name: keycloak-client-cert
+ namespace: default
+spec:
+ secretName: cm-keycloak-client-certs
+ duration: 2160h # 90d
+ renewBefore: 360h # 15d
+ subject:
+ organizations:
+ - oran
+ organizationalUnits:
+ - oran
+ countries:
+ - IE
+ localities:
+ - Dublin
+ streetAddresses:
+ - Main Street
+ commonName: keycloak
+ isCA: false
+ privateKey:
+ algorithm: RSA
+ encoding: PKCS1
+ size: 2048
+ usages:
+ - client auth
+ dnsNames:
+ - keycloak.default
+ - keycloak
+ - keycloak.est.tech
+ emailAddresses:
+ - client@mail.com
+ issuerRef:
+ name: cm-ca-issuer
+ kind: Issuer
+ group: cert-manager.io