Certbot and Tomcat
Let’s say you have a domain host.domain.pl and you want to run Tomcat with an SSL certificate. You can do it the following way:
1. Generate certificate using certbot
Take a look here: CentOS 7 – issues while using certbot
2. Once it’s generated, create PKCS12 keystore
> sudo openssl pkcs12 -export \
    -inkey /etc/letsencrypt/live/host.domain.pl/privkey.pem \
    -in /etc/letsencrypt/live/host.domain.pl/fullchain.pem \
    -out /etc/letsencrypt/live/host.domain.pl/keystore.p12 \
    -name tomcat
3. Update application.properties file
# Location of keystore file. Note that you can move it somewhere else,
# for example into location where your server is.
server.ssl.key-store=file:///etc/letsencrypt/live/host.domain.pl/keystore.p12
# This is the password you have typed in while exporting
# pem to p12
server.ssl.key-store-password=your_pass
server.ssl.keyStoreType=PKCS12
# This is the alias of the key entry in the keystore, the one that
# you have passed as -name while exporting pem to p12
server.ssl.keyAlias=tomcat
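The keystore from step 2 is a snapshot: when certbot renews the certificate, keystore.p12 still holds the old one until it is exported again. The script below is an added example (not part of the original post) of a certbot deploy hook that repeats step 2 non-interactively and keeps the file readable by its owner only. The hook file name, the password file path and the function name export_keystore are assumptions; the password in that file must match server.ssl.key-store-password.

```shell
#!/bin/sh
# Added example: certbot deploy hook, saved for instance as
# /etc/letsencrypt/renewal-hooks/deploy/tomcat-keystore.sh (file name is an assumption).
# certbot runs deploy hooks after a successful renewal and sets RENEWED_LINEAGE
# to the live directory, e.g. /etc/letsencrypt/live/host.domain.pl.

# export_keystore LINEAGE_DIR PASSWORD_FILE [OUT_FILE]   (hypothetical helper)
export_keystore() {
    lineage=$1
    passfile=$2
    out=${3:-$lineage/keystore.p12}

    [ -r "$lineage/privkey.pem" ] && [ -r "$lineage/fullchain.pem" ] || {
        echo "privkey.pem or fullchain.pem not readable in $lineage" >&2
        return 1
    }
    [ -s "$passfile" ] || {
        echo "password file $passfile missing or empty" >&2
        return 1
    }

    # Temporary file in the target directory: mktemp creates it with mode 0600,
    # and the final mv is a rename, so the server never reads a half-written keystore.
    tmp=$(mktemp "$out.XXXXXX") || return 1

    # Same export as step 2, but the password is read from a file instead of a
    # prompt, so it does not show up in the process list or shell history.
    if openssl pkcs12 -export \
        -inkey "$lineage/privkey.pem" \
        -in "$lineage/fullchain.pem" \
        -name tomcat \
        -passout "file:$passfile" \
        -out "$tmp"
    then
        chmod 600 "$tmp" && mv -f "$tmp" "$out"
    else
        rm -f "$tmp"
        return 1
    fi
}

# Only act when certbot invoked the script as a hook.
if [ -n "${RENEWED_LINEAGE:-}" ]; then
    # Default password file path is an assumption; keep it root-owned, mode 600.
    export_keystore "$RENEWED_LINEAGE" \
        "${KEYSTORE_PASS_FILE:-/etc/letsencrypt/keystore.pass}" || exit 1
    # Restart the application here so it loads the new keystore.
fi
```

If the application runs as a non-root user, pass a third argument pointing to a directory that user can read instead of the live directory.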
April 21st, 2021