Does vaultwarden work with a self-signed certificate on sso host

[mozhaevworks]

I'm trying to use vaultwaden with a keycloak which has a self-signed certificate on it.
vaultwarden runs with a letsencrypt certificate on it.
I mounted certificate and run update-ca-certificates. Checked it with curl, so curl trusts keycloak domain, but i still getting an error.

2025-09-05 14:57:59.864][reqwest::connect][DEBUG] starting new connection: https://keycloak_domain/
[2025-09-05 14:57:59.911][vaultwarden::sso][ERROR] Failed to discover OpenID provider: Request failed

I tried with another keycloak instance, which has a letsencrypt certificate, and got successfully redirected to keycloak.
Any advices ?

[crleekwc]

I have configured a non-standard certificate authority using a chain cert. I had to create a kubernetes secret, and do a volume mount in my deployment to the path "/etc/ssl/certs/" and override the existing ca-certificates.crt file. Then I was able to connect to my keycloak instance just fine after that.