Before reporting an issue

• I have read and understood the above terms for submitting issues, and I understand that my issue may be closed without action if I do not follow them.

Area

dist/quarkus

Describe the bug

Under Create LDAP Provider section (admin/master/console/#/master/user-federation/ldap/new), when performing an SSL/TLS-based Test Connection, the test succeeds for both Use Truststore SPI options: Always and Never, regardless of truststore configuration.
Note: The server certificate is added via the KC_TRUSTSTORE_PATHS option.

Case 1: When the certificate is present in the custom-mounted path specified by KC_TRUSTSTORE_PATHS, both Always and Never options succeed.
Case 2: When the certificate is removed from the custom-mounted path, both Always and Never options fail.

Version

26.4.7

Regression

• The issue is a regression

Expected behavior

The test should succeed only when the option is set to Always, and fail when set to Never.
SSL/TLS test connection should respect the selected option:

Always: Should succeed if the certificate is trusted.
Never: Should fail regardless of truststore configuration.

Actual behavior

Both options behave identically:

Succeed when certificate is present.
Fail when certificate is absent.

How to Reproduce?

Configure truststore path:
KC_TRUSTSTORE_PATHS=/opt/keycloak/certs/.crt

Navigate to Create LDAP Provider section.
Perform SSL/TLS Test Connection with options Always and Never:

Observe that both options succeed when cert is present.
Observe that both options fail when cert is removed.

Anything else?

No response