-
-
Save jnorthrup/66186744d406365f3c82b9acb627411b to your computer and use it in GitHub Desktop.
How to use Letsencrypt certificate & private key with Jetty
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| if [ ! -n "$1" ]; then | |
| echo "usage: letsencrypt-jetty-auto.sh your_password_here" | |
| exit 1 | |
| fi | |
| # input: fullchain.pem and privkey.pem as generated by the "letsencrypt-auto" script when run with | |
| # the "auth" aka "certonly" subcommand | |
| # convert certificate chain + private key to the PKCS#12 file format | |
| openssl pkcs12 -export -out keystore.pkcs12 -in fullchain.pem -inkey privkey.pem -passout pass:$1 | |
| # convert PKCS#12 file into Java keystore format | |
| keytool -importkeystore -srckeystore keystore.pkcs12 -srcstoretype PKCS12 -destkeystore keystore.jks -noprompt -srcstorepass $1 -deststorepass $1 | |
| # don't need the PKCS#12 file anymore | |
| rm -f keystore.pkcs12 | |
| # Now use "keystore.jks" as keystore in jetty with the keystore password you specfied when you ran | |
| # the "keytool" command | |
| echo "Now use keystore.jks as keystore in jetty with the keystore password $1" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # input: fullchain.pem and privkey.pem as generated by the "letsencrypt-auto" script when run with | |
| # the "auth" aka "certonly" subcommand | |
| # convert certificate chain + private key to the PKCS#12 file format | |
| openssl pkcs12 -export -out keystore.pkcs12 -in fullchain.pem -inkey privkey.pem | |
| # convert PKCS#12 file into Java keystore format | |
| keytool -importkeystore -srckeystore keystore.pkcs12 -srcstoretype PKCS12 -destkeystore keystore.jks | |
| # don't need the PKCS#12 file anymore | |
| rm keystore.pkcs12 | |
| # Now use "keystore.jks" as keystore in jetty with the keystore password you specfied when you ran | |
| # the "keytool" command |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment