If you receive the following error message after updating the Keycloak application it may be, because the default settings have been changed in the latest version of the keycloak=22.0.3-ucs1 application.
Error when trying to connect to LDAP: 'UnknownError'
These default settings are correct when the Keycloak application is installed at the first time.
Use Truststore SPI = Never
There are two ways to fix this error.
If you want to use Use Truststore SPI = Always, just switch Enable StartTLS to off.
This works of course with ldaps and port 7636.
It is possible to reconfigure the application so that all settings are corrected to default.
This helps in most cases with other errors, such as
Log in as root from a terminal on your UCS system where the keycloak application is installed.
univention-app configure keycloak