Hi, I have been trying to get an access token from Keycloak using a client certificate to grant the token. I am using a self-signed certificate on Keycloak, which is my authorization server, and a root-signed certificate for my client that is requesting the access token.
I have added the root CA of the client to a keystore and I am passing it in my startup command.
This is my start command on Windows:
```
bin\kc.bat start-dev --https-certificate-file=./cert/key_cloack_certificate.crt --https-certificate-key-file=./cert/key_cloack_private.key --https-port=8443 --https-trust-store-file=./cert/truststore.jks --https-trust-store-password=randomPassword --https-client-auth=request --verbose --https-protocols=TLSv1.2
```
I have made sure that client credential has been set in the admin console and I am sure that the subject DN is correct.
I am using a simple Python client to obtain the access token:
```python
import requests

url = "https://localhost:8443/realms/master/protocol/openid-connect/token"
headers = {
    'Content-Type': 'application/x-www-form-urlencoded'
}
body = {
    "grant_type": "client_credentials"
}
# verify= trusts the server's self-signed certificate; cert= presents the client certificate and key
response = requests.post(url, headers=headers, data=body, verify="key_cloack_certificate.crt",
                         cert=("client_cert.crt", "client_cert.key"))
token_response = response.json()
access_token = token_response.get('access_token')
print("Access Token:", access_token)
```
I can see in Wireshark that the certificates of Keycloak and my client are correctly sent and the TLS handshake succeeds, but I get this error on Keycloak and the response I get is null:
```
[org.keycloak.events] (executor-thread-9) type="CLIENT_LOGIN_ERROR", realmId="25ade688-cde5-4af8-95fa-4b7143b53060", realmName="master", clientId="null", userId="null", ipAddress="0:0:0:0:0:0:0:1", error="client_not_found", grant_type="client_credentials"
```
I would be grateful if anyone could give me some support to solve this.
Regards,
RR
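
The logged event shows `clientId="null"` and the posted request body carries only `grant_type`, while RFC 8705 requires the `client_id` parameter in token requests that use mutual-TLS client authentication. The following is an added example, not part of the original post, that parses the event line and checks a request body for that parameter. Assumptions: `my-mtls-client` is a placeholder client ID and all helper names are hypothetical.

```python
import json
import re
import ssl
import urllib.request
from urllib.parse import parse_qs, urlencode

# Event line copied from the post above.
EVENT = ('[org.keycloak.events] (executor-thread-9) type="CLIENT_LOGIN_ERROR", '
         'realmId="25ade688-cde5-4af8-95fa-4b7143b53060", realmName="master", '
         'clientId="null", userId="null", ipAddress="0:0:0:0:0:0:0:1", '
         'error="client_not_found", grant_type="client_credentials"')

def parse_event(line):
    """Split a Keycloak event log line into its key="value" fields."""
    return dict(re.findall(r'(\w+)="([^"]*)"', line))

def token_form(client_id=None):
    """Form body for the grant; without client_id it matches the post's request."""
    form = {"grant_type": "client_credentials"}
    if client_id:
        form["client_id"] = client_id
    return urlencode(form)

def missing_for_mtls(body):
    """grant_type (RFC 6749) and, for mutual-TLS client auth, client_id (RFC 8705)."""
    sent = parse_qs(body)
    return [p for p in ("grant_type", "client_id") if p not in sent]

def diagnose(event, body):
    """Tie a client_not_found event to what the request body left out."""
    if event.get("error") != "client_not_found":
        return []
    seen = event.get("clientId") != "null"
    findings = [] if seen else ["server logged no client identifier"]
    return findings + [f"request body lacks {p}" for p in missing_for_mtls(body)]

def fetch_token(url, body, ca_file, cert_file, key_file):
    """Send the form over mutual TLS; needs a live server, so it is not run here."""
    ctx = ssl.create_default_context(cafile=ca_file)   # trust the server certificate
    ctx.load_cert_chain(cert_file, key_file)           # present the client certificate
    req = urllib.request.Request(url, data=body.encode(), headers={
        "Content-Type": "application/x-www-form-urlencoded"})
    with urllib.request.urlopen(req, context=ctx) as resp:
        return json.load(resp)

if __name__ == "__main__":
    print(diagnose(parse_event(EVENT), token_form()))
    fixed = token_form("my-mtls-client")  # placeholder client ID (assumption)
    print(fixed, missing_for_mtls(fixed))
```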