Description Ingo Jürgensmann 2023-02-01 12:01:40 CET

When testing out Keycloak from the App Center, some missing parts in the current Keycloak documentation got my attention: 

1) "ucs/server/sso/virtualhost" is undocumented
Although "ucs/server/sso/virtualhost" is important for generating the Apache2 config in /etc/apache2/sites-availbe/univention-keycloak.conf it is not listed under Configuration -> 2.9 Settings. If this UCRV is set to "false" an empty Apache config will be generated and Keycloak won't work. 

2) Keycloaks Apache UCRVs are not documented
When using e.g. LetsEncrypt (or other) SSL certs for Apache, you'll need to set some more variables: 
- keycloak/apache2/ssl/certificate 
- keycloak/apache2/ssl/key
- keycloak/apache2/ssl/ca (maybe not always needed)
- keycloak/url/prefix (is being set via UMC, I guess)
- keycloak/server/sso/certificate/generation

No UCRV seems to have a description set in UMC as well, so the more important is a comprehensive documentation.