Deploying RHPAM/RHDM using the operator allows users to select a secret containing the keystore instead of generating it.

In productive environments it is common to have a custom certificate, most likely with a custom password and alias.

Console UI/Operator:

• Keystore password: Currently, when provided will be used to generate the certificates, if not provided will be generated as well. When users provide possible different keystores it is not possible to set this password independently (or even globally). This should be moved to each component configuration and if provided, set the HTTPS_PASSWORD environment variable and used to generate the keystore if the secret has not been provided.
• Keystore certificate alias: Is not configurable and should be configurable for each artifact.

Documentation:

•  Keystore password: It is mentioned that the default value is `mykeystorepass` however, the value is generated or provided by the user in the common config's "keystore password" field.
• It should be good to mention which environment variables should be set in each case to override/set the alias, password and keystore file.
  • HTTPS_NAME => alias being jboss the default value
  • HTTPS_PASSWORD => keystore password being generated if not provided
  • HTTPS_KEYSTORE => keystore file name in the mounted secret being keystore.js the default value

For further information please refer to the linked BAPL.