Skip to content

Instantly share code, notes, and snippets.

@weiserr
Last active August 7, 2022 12:04
Show Gist options
  • Save weiserr/f6b65f11182956c23bfbe08fbc084e94 to your computer and use it in GitHub Desktop.
Save weiserr/f6b65f11182956c23bfbe08fbc084e94 to your computer and use it in GitHub Desktop.
Let's Encrypt on Ubuntu for Spring-Boot applications
server:
port: 8443
ssl:
# this should match with the used ${DEST}
key-store: file:./keystore.p12
key-store-password: password
keyStoreType: PKCS12
keyAlias: tomcat
#!/bin/bash
# Add the staging option (--staging) to certbot-auto if you wish to validate the procedure
DEST=$1
DOMAIN=$2
EMAIL=$3
mkdir -p /opt/certbot
wget https://dl.eff.org/certbot-auto -O /opt/certbot/certbot-auto
chmod a+x /opt/certbot/certbot-auto
/opt/certbot/certbot-auto certonly --debug --non-interactive --email ${EMAIL} --agree-tos --standalone -d ${DOMAIN} --keep-until-expiring
openssl pkcs12 -export -in /etc/letsencrypt/live/${DOMAIN}/cert.pem -inkey /etc/letsencrypt/live/${DOMAIN}/privkey.pem -out ${DEST} -name tomcat -CAfile /etc/letsencrypt/live/${DOMAIN}/chain.pem -caname root -passout pass:password
#!/bin/bash
# Make sure to reboot the SpringBoot application
DEST=$1
DOMAIN=$2
/opt/certbot/certbot-auto renew
openssl pkcs12 -export -in /etc/letsencrypt/live/${DOMAIN}/cert.pem -inkey /etc/letsencrypt/live/${DOMAIN}/privkey.pem -out ${DEST} -name tomcat -CAfile /etc/letsencrypt/live/${DOMAIN}/chain.pem -caname root -passout pass:password
@sebasira
Copy link

sebasira commented Oct 23, 2019

Thanks for your reply! I'm testing this right now and let you know how it goes!

@sebasira
Copy link

Thanks! It works great!

@robertohein
Copy link

Thanks! i wrote something similar about a month ago and lost it, thanks for sharing! gonna test it tomorrow at work!

@jorgebee65
Copy link

that is what I was looking for. Thanks

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment