Hi Andrea, all
> I simply put in a file /etc/dovecot/keys/webmail/RS256/<key id> the value of the public key found on the keycloak console.
> Which is the correct format of that file?
It's JSON. I had the same question initially and had to check the code.
I obtain that file from https://${keycloak}/auth/realms/${realm}/protocol/openid-connect/certs (jwks_uri link in https://${keycloak}/auth/realms/${realm}/.well-known/openid-configuration).
It looks something like: {"kid": "...", "kty": "RSA", "alg": "RS256", "use": "sig", "n": ... "e": "AQAB", "x5c": ["....."], "x5t": "...", "x5t#S256": "..."}
I see from the documentation that 2.3.16 will support auto discovery: https://doc.dovecot.org/configuration_manual/authentication/oauth2/#openid-d...
Cheers, Vincent
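
Added example, not part of the original message and not Dovecot or Keycloak code: a jwks_uri response is a JSON object with a "keys" array, so this sketch splits it into one JSON file per signing key using the <client>/<alg>/<kid> layout from the path quoted above, and refuses kid or alg values that are unsafe as file names. The function name, the "webmail" default, and the sample JWKS are assumptions constructed for illustration.

```python
import json
import re
import tempfile
from pathlib import Path

# Constructed sample shaped like a jwks_uri response; values are placeholders.
SAMPLE_JWKS = json.dumps({"keys": [
    {"kid": "sig-key-1", "kty": "RSA", "alg": "RS256", "use": "sig",
     "n": "PLACEHOLDER_MODULUS", "e": "AQAB"},
    {"kid": "enc-key-1", "kty": "RSA", "alg": "RSA-OAEP", "use": "enc",
     "n": "PLACEHOLDER_MODULUS", "e": "AQAB"},
    {"kid": "../../outside", "kty": "RSA", "alg": "RS256", "use": "sig",
     "n": "PLACEHOLDER_MODULUS", "e": "AQAB"},
]})

# kid and alg become path components, so accept only a conservative charset.
SAFE_COMPONENT = re.compile(r"[A-Za-z0-9_-]+")


def split_jwks(jwks_text, base_dir, client="webmail"):
    """Write each signing key to <base_dir>/<client>/<alg>/<kid>.

    Returns (written_paths, skipped) where skipped holds (kid, reason) pairs.
    """
    written, skipped = [], []
    for jwk in json.loads(jwks_text).get("keys", []):
        kid, alg = str(jwk.get("kid", "")), str(jwk.get("alg", ""))
        if jwk.get("use") != "sig":
            skipped.append((kid, "not a signing key"))
            continue
        if not (SAFE_COMPONENT.fullmatch(kid) and SAFE_COMPONENT.fullmatch(alg)):
            skipped.append((kid, "unsafe kid or alg for a file name"))
            continue
        target = Path(base_dir) / client / alg / kid
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_text(json.dumps(jwk))  # one JWK object per file
        written.append(target)
    return written, skipped


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        written, skipped = split_jwks(SAMPLE_JWKS, tmp)
        for path in written:
            print("wrote", path.relative_to(tmp))
        for kid, reason in skipped:
            print("skipped", repr(kid), "-", reason)
```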