We run Keycloak in a Kubernetes environment using Docker containers. We are looking to integrate cert-manager service to handle automatic updates to TLS certificates within the environment. Is Keycloak setup in a way that it can detect these updates and apply the new certificate automatically or does a hard restart of the Keycloak service need to happen? If a restart is neccesary, are their any considerations we would need to know about? Thanks