Snippets

Geoffrey Brossard Renew Let's encrypt certificate on Jetty

Created by Geoffrey Brossard
renew-cert.sh
Raw 
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
nano /etc/iptables/rules.v4 # -> comment line redirecting 443 to 8443
netfilter-persistent reload

letsencrypt renew

nano /etc/iptables/rules.v4 # -> uncomment commented line
netfilter-persistent reload

openssl pkcs12 -export -out keystore.pkcs12 -in /etc/letsencrypt/live/api.mylinkooportal.com/fullchain.pem -inkey /etc/letsencrypt/live/api.mylinkooportal.com/privkey.pem
rm /usr/share/jetty9/etc/keystore 
keytool -keystore /usr/share/jetty9/etc/keystore -import -alias jetty -file keystore.pkcs12 -trustcacerts
keytool -importkeystore -srckeystore keystore.pkcs12 -srcstoretype PKCS12 -destkeystore /etc/jetty9/keystore

# if changed, the keytool password is stored in OBF format (see http://www.eclipse.org/jetty/documentation/current/configuring-security-secure-passwords.html)
# it is set in /usr/share/jetty9/start.ini (and default in /usr/share/jetty9/etc/jetty-ssl.xml)

service jetty9 restart

Comments (0)

HTTPS SSH

You can clone a snippet to your computer for local editing. Learn more.