openshift-docs | OpenShift 3 and 4 product and community documentation

IMHO you are misinterpreting some of the settings you specify here.

The VM arguments after "-Dkubernetes.master=" you specify here I assume are meant to be given to the fabric8 maven plugin which you use for deployment. Right?

The parameters that are about authentication/certificates here are ONLY for the communication to kubernetes and NOT intended for giving keystore data to your application to use. So I think they are unrelated.

Instead you need to ensure that inside your container your app gets started with the same parameters that you use for local execution. Of course you then would have to change the parameter values to where the respective data is available inside your container.

Secrets are a tool to add sensitive data to your deployment that you don't want to be baked into your application image. So for example your keystores and the keystore passwords would qualify to be injected via secret.

An alternative to providing secret data as environment variable, like you tried, is to just mount them into the filesystem which makes the secret data available as files. As your application needs the JKS as a file you could do the following.

1. In the web console on your deployment, use the link "Add config files" under section "Volumes"

2. Select the secret "my-key-jks" created before as "source".

3. Specify some path where the secret should be mounted inside your container, for example "/secret". Then click "Add".

4. You jks will then be available inside your container under path "/secret/key.jks" so your applications parameter can point to this path.