letsencrypt tomcat keystore

Reference book : leanpub.com/crypto
Reference blog : 8gwifi.org/docs
letsencrypt tomcat keystore
Create the Keystore
keytool -genkey -alias tomcat -keyalg RSA -keystore /home/ec2-user/.keystore -keysize 2048
Gneerate the CSR
keytool -certreq -alias tomcat -file request.csr -keystore /home/ec2-user/.keystore
Request for certificate
sudo ./certbot-auto certonly --csr request.csr --no-bootstrap
PEM file will be generated
add the pem file to the keystore
keytool -import -trustcacerts -alias tomcat -file 0001_chain.pem -keystore ./.keystore
Tomcat server chnages
edit the server.xml file
add keystore location and password in the SSL connector
NAT Changes
Restart the server
Verify the chnages

Iptables changes
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080
iptables -t nat -I OUTPUT -p tcp -d 127.0.0.1 --dport 80 -j REDIRECT --to-ports 8080

iptables -t nat --line-numbers -n -L

iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-port 8443
iptables -t nat -I OUTPUT -p tcp -d 127.0.0.1 --dport 443 -j REDIRECT --to-ports 8443
iptables -t nat --line-numbers -n -L


letsencrypt tomcat ubuntu
letsencrypt tomcat 8 ubuntu
certbot tomcat
let's encrypt jks
certbot tomcat 8
letsencrypt java keystore
letsencrypt webroot tomcat
tomcat letsencrypt ssl