Problem:Keycloak - Error when trying to connect to LDAP: 'UnknownError'


If you receive the following error message after updating the Keycloak application it may be, because the default settings have been changed in the latest version of the keycloak=22.0.3-ucs1 application.

Error when trying to connect to LDAP: 'UnknownError'

Screenshot from 2023-10-26 11-33-43


These default settings are correct when the Keycloak application is installed at the first time.
Use Truststore SPI = Never
Screenshot from 2023-10-26 11-34-54


There are two ways to fix this error.


If you want to use Use Truststore SPI = Always, just switch Enable StartTLS to off.
Screenshot from 2023-10-26 11-43-16

This works of course with ldaps and port 7636.
Screenshot from 2023-10-26 11-43-04


It is possible to reconfigure the application so that all settings are corrected to default.
This helps in most cases with other errors, such as sslHandshakeFailed error.

Log in as root from a terminal on your UCS system where the keycloak application is installed.

univention-app configure keycloak