Replace LDAPS_SERVER with your LDAP server hostname:
openssl s_client -connect LDAPS_SERVER:636 -showcerts
Save the certificate output to:
C:\apps\keycloak-26.1.4\cert\trustkeystore.pem
Create startserver.bat with the following content.
Replace the placeholders before running:
SQLSERVERHOST, USER, PASSWORD — your MSSQL connection detailsXXX.pfx and the keystore password — your HTTPS certificateREM Set the admin credentials (used for the initial admin account creation)
set KEYCLOAK_ADMIN=admin
set KEYCLOAK_ADMIN_PASSWORD=changeme
REM Start Keycloak with MSSQL configuration
kc.bat start ^
--truststore-paths=C:\apps\keycloak-26.1.4\cert\trustkeystore.pem ^
--http-enabled=true ^
--cache=local ^
--https-key-store-file=C:\apps\keycloak-26.1.4\cert\XXX.pfx ^
--https-key-store-password=PFXPASSWORD ^
--hostname=your.hostname.example ^
--db=mssql ^
--db-url "jdbc:sqlserver://SQLSERVERHOST:1433;databaseName=KeycloakDB;trustServerCertificate=True" ^
--db-username USER ^
--db-password PASSWORD
Execute the batch file from an elevated command prompt. Enjoy 🚀