botic/updateCertsJetty.sh

## updateCertsJetty.sh
/root/letsencrypt/letsencrypt-auto renew

# convert certificate chain + private key to the PKCS#12 file format
openssl pkcs12 -export -out /etc/letsencrypt/live/serverA.example.org/keystore.pkcs12 -in /etc/letsencrypt/live/serverA.example.org/fullchain.pem -inkey /etc/letsencrypt/live/serverA.example.org/privkey.pem -passout pass:supersecret -name "serverA.example.org"
openssl pkcs12 -export -out /etc/letsencrypt/live/serverB.example.org/keystore.pkcs12 -in /etc/letsencrypt/live/serverB.example.org/fullchain.pem -inkey /etc/letsencrypt/live/serverB.example.org/privkey.pem -passout pass:supersecret -name "serverB.example.org"

# convert PKCS#12 file into Java keystore format
keytool -importkeystore -srckeystore /etc/letsencrypt/live/serverA.example.org/keystore.pkcs12 -srcstoretype PKCS12 -destkeystore /etc/letsencrypt/live/serverA.example.org/keystore.jks -storepass supersecret -srcstorepass supersecret -srcalias "serverA.example.org" -destalias "serverA.example.org" -noprompt
keytool -importkeystore -srckeystore /etc/letsencrypt/live/serverB.example.org/keystore.pkcs12 -srcstoretype PKCS12 -destkeystore /etc/letsencrypt/live/serverB.example.org/keystore.jks -storepass supersecret -srcstorepass supersecret -srcalias "serverB.example.org" -destalias "serverB.example.org" -noprompt

# import both
keytool -importkeystore -srckeystore /etc/letsencrypt/live/serverA.example.org/keystore.jks -destkeystore /usr/local/ringo-apps/common.jks -srcstorepass supersecret -deststorepass supersecret -srcalias "serverA.example.org" -destalias "serverA.example.org"
keytool -importkeystore -srckeystore /etc/letsencrypt/live/serverB.example.org/keystore.jks -destkeystore /usr/local/ringo-apps/common.jks -srcstorepass supersecret -deststorepass supersecret -srcalias "serverB.example.org" -destalias "serverB.example.org"

# delete the intermediate file
rm /etc/letsencrypt/live/serverA.example.org/keystore.pkcs12
rm /etc/letsencrypt/live/serverB.example.org/keystore.pkcs12
rm /etc/letsencrypt/live/serverA.example.org/keystore.jks
rm /etc/letsencrypt/live/serverB.example.org/keystore.jks
	/root/letsencrypt/letsencrypt-auto renew

	# convert certificate chain + private key to the PKCS#12 file format
	openssl pkcs12 -export -out /etc/letsencrypt/live/serverA.example.org/keystore.pkcs12 -in /etc/letsencrypt/live/serverA.example.org/fullchain.pem -inkey /etc/letsencrypt/live/serverA.example.org/privkey.pem -passout pass:supersecret -name "serverA.example.org"
	openssl pkcs12 -export -out /etc/letsencrypt/live/serverB.example.org/keystore.pkcs12 -in /etc/letsencrypt/live/serverB.example.org/fullchain.pem -inkey /etc/letsencrypt/live/serverB.example.org/privkey.pem -passout pass:supersecret -name "serverB.example.org"

	# convert PKCS#12 file into Java keystore format
	keytool -importkeystore -srckeystore /etc/letsencrypt/live/serverA.example.org/keystore.pkcs12 -srcstoretype PKCS12 -destkeystore /etc/letsencrypt/live/serverA.example.org/keystore.jks -storepass supersecret -srcstorepass supersecret -srcalias "serverA.example.org" -destalias "serverA.example.org" -noprompt
	keytool -importkeystore -srckeystore /etc/letsencrypt/live/serverB.example.org/keystore.pkcs12 -srcstoretype PKCS12 -destkeystore /etc/letsencrypt/live/serverB.example.org/keystore.jks -storepass supersecret -srcstorepass supersecret -srcalias "serverB.example.org" -destalias "serverB.example.org" -noprompt

	# import both
	keytool -importkeystore -srckeystore /etc/letsencrypt/live/serverA.example.org/keystore.jks -destkeystore /usr/local/ringo-apps/common.jks -srcstorepass supersecret -deststorepass supersecret -srcalias "serverA.example.org" -destalias "serverA.example.org"
	keytool -importkeystore -srckeystore /etc/letsencrypt/live/serverB.example.org/keystore.jks -destkeystore /usr/local/ringo-apps/common.jks -srcstorepass supersecret -deststorepass supersecret -srcalias "serverB.example.org" -destalias "serverB.example.org"

	# delete the intermediate file
	rm /etc/letsencrypt/live/serverA.example.org/keystore.pkcs12
	rm /etc/letsencrypt/live/serverB.example.org/keystore.pkcs12
	rm /etc/letsencrypt/live/serverA.example.org/keystore.jks
	rm /etc/letsencrypt/live/serverB.example.org/keystore.jks