Let's Encrypt on Ubuntu for Spring-Boot applications

application.yml

server:
  port: 8443
   ssl:
    # this should match with the used ${DEST}
    key-store: file:./keystore.p12
    key-store-password: password
    keyStoreType: PKCS12
    keyAlias: tomcat

install_certificate.sh

#!/bin/bash
# Add the staging option (--staging) to certbot-auto if you wish to validate the procedure
DEST=$1
DOMAIN=$2
EMAIL=$3

mkdir -p /opt/certbot
wget https://dl.eff.org/certbot-auto -O /opt/certbot/certbot-auto
chmod a+x /opt/certbot/certbot-auto
/opt/certbot/certbot-auto certonly --debug --non-interactive --email ${EMAIL} --agree-tos --standalone -d ${DOMAIN} --keep-until-expiring
openssl pkcs12 -export -in /etc/letsencrypt/live/${DOMAIN}/cert.pem -inkey /etc/letsencrypt/live/${DOMAIN}/privkey.pem -out ${DEST} -name tomcat -CAfile /etc/letsencrypt/live/${DOMAIN}/chain.pem -caname root -passout pass:password

renew_certificate.sh

#!/bin/bash
# Make sure to reboot the SpringBoot application
DEST=$1
DOMAIN=$2

/opt/certbot/certbot-auto renew
openssl pkcs12 -export -in /etc/letsencrypt/live/${DOMAIN}/cert.pem -inkey /etc/letsencrypt/live/${DOMAIN}/privkey.pem -out ${DEST} -name tomcat -CAfile /etc/letsencrypt/live/${DOMAIN}/chain.pem -caname root -passout pass:password

that is what I was looking for. Thanks