#KEYCLOAK DevDay 2026: Scaling Trust: Building Multi-Region mTLS for Keycloak | Luis Rubiera
👉 This talk is from KEYCLOAK DevDay Community Conference 2026: https://keycloak-day.dev When your Keycloak clusters span multiple regions, mutual TLS (#mTLS) becomes both your best friend and your worst nightmare. Between certificate rotation, #CRL management, and service-to-service trust, a single misconfiguration can isolate an entire region. In this talk, I’ll walk through how we built and automated a multi-region Keycloak setup with mTLS at scale, securing communication across private and public networks while keeping latency and operational overhead under control. I’ll talk about: • What mTLS is and why it’s critical in modern #IAM setups • How Certificate Revocation Lists (CRL) work and why they matter • How to configure Keycloak to use both mTLS and CRL validation • The complexities of multi-region architectures: • Active-active vs. active-passive (our case) • Observability: how to detect, debug, and monitor broken trust chains • A live demo showing how certificate revocation and renewal propagate across regions You’ll leave with a step-by-step understanding of mTLS and CRL setup for Keycloak, plus practical strategies to keep your cross-region identity infrastructure both secure and resilient. Thanks for watching! Don't forget to subscribe 🔔 to my channel (if not already done) and give this video some thumbs up 👍 (aka "like"). Tell me about your experiences and thoughts about this topic in the comments. I'm looking forward to it! Thank YOU! --- I'm Niko - and I'm your Expert for Keycloak IAM & SSO and an independent freelance software consultant, developer and trainer. I'm here to help - you, your team and your company. How can I support you? Just get in contact: 🌎 Website: https://www.n-k.de 🔗 LinkedIn: / dasniko 🚧 GitHub Profile: https://github.com/dasniko 🦣 Mastodon: https://mastodon.cloud/@dasniko 🎥 YouTube Channel: / @dasniko All things Java, All-End (Frontend, Backend, Fullstack Deployments), Authentication, Security 🔐, IAM, Keycloak, Containers, DevOps, Cloud ☁️, Serverless, On-Premise Please understand that YouTube Comments are not a good place to get support in case of questions and errors. There are forums and groups out there (see links above) which are the right place to ask!
#KEYCLOAK DevDay 2026: From Pods to Permissions: Token Exchange Meets Kubernetes Service Identity
#KEYCLOAK DevDay 2026: Human and Workload Identities: Bridging the Gap w/ Keycloak | Dmitry Telegin
Inversión verde: el potencial agroganadero en la transición económica sostenible
Turing Award Winner: Disagreeing with Google, Postgres, Future Problems | Mike Stonebraker
#KEYCLOAK DevDay 2026: Replacing Keycloak's Infinispan Caches with Redis/Valkey
7 - Security - Andre Testa 1080p
#KEYCLOAK DevDay 2026: Governance as Code: Advanced FGAP for Real-World Keycloak Operations
Andrej Karpathy: From Vibe Coding to Agentic Engineering w/ Stephanie Zhan
OpenStack SCS-compliant deployment: child's play thanks to Yaook operator
Model Context Protocol (MCP) Explained for Beginners: AI Flight Booking Demo!
#KEYCLOAK DevDay 2026: Mobile apps authentication with Keycloak - navigating the pitfalls
#KEYCLOAK DevDay 2026: Implementing the Phantom Token Pattern with Keycloak | Thomas Darimont
#KEYCLOAK DevDay 2026: From Zero to Keycloak: Scaling Identity at Gusto | Espen Roth & Ankur Agrawal
Attacking AI - Jason Haddix - NDC Security 2026
7 Authentication Concepts Every Developer Should Know
#KEYCLOAK DevDay 2026: Keycloak and #EUDI-Wallet: A match made in heaven?
Inside the Mind of Anthropic CEO Dario Amodei | The Circuit | Extended Interview
#KEYCLOAK DevDay 2026: How to apply Keycloak to AI agents/Agent AI - Updates and future plans
Keycloak Tutorial for Beginners
