diff --git a/docker-containers/keycloak/docker-compose.yml b/docker-containers/keycloak/docker-compose.yml
index e96c594..0270964 100644
--- a/docker-containers/keycloak/docker-compose.yml
+++ b/docker-containers/keycloak/docker-compose.yml
@@ -29,19 +29,24 @@ services:
       - KC_HOSTNAME=auth.cttue.de
       - KC_HOSTNAME_STRICT_HTTPS=false
       - KC_PROXY=edge
-      - KC_HTTP_ENABLED=true
-      - KC_HOSTNAME_STRICT=false
       - KC_FEATURES=account2,account-api
-      - VIRTUAL_HOST=auth.cttue.de
       - VIRTUAL_PORT=8080
-      - LETSENCRYPT_HOST=auth.cttue.de
     restart: always
     networks:
       - local-keycloak
-      - cttue_web_services
-
+      - traefik
+    labels:
+      - traefik.enable=true
+      - traefik.docker.network=traefik
+      - traefik.http.routers.keycloak.entrypoints=web-secure
+      - traefik.http.routers.keycloak.service=keycloak
+      - traefik.http.routers.keycloak.rule=Host(`auth.cttue.de`)
+      - traefik.http.routers.keycloak.tls=true
+      - traefik.http.routers.keycloak.tls.certResolver=default
+      - traefik.http.routers.keycloak.tls.domains[0]=cttue.de
+      - traefik.http.routers.keycloak.tls.domains[0].sans=auth.cttue.de
+      - traefik.http.services.keycloak.loadbalancer.server.port=8080
 networks:
-  cttue_web_services:
-    external: true
   local-keycloak:
-
+  traefik:
+   external: true
\ No newline at end of file