Skip to content

Instantly share code, notes, and snippets.

@xkr47
Last active June 26, 2024 09:03
Show Gist options
  • Save xkr47/920ffe94f6a4c171ee59 to your computer and use it in GitHub Desktop.
Save xkr47/920ffe94f6a4c171ee59 to your computer and use it in GitHub Desktop.
How to use Letsencrypt certificate & private key with Jetty
# input: fullchain.pem and privkey.pem as generated by the "letsencrypt-auto" script when run with
# the "auth" aka "certonly" subcommand
# convert certificate chain + private key to the PKCS#12 file format
openssl pkcs12 -export -out keystore.pkcs12 -in fullchain.pem -inkey privkey.pem
# convert PKCS#12 file into Java keystore format
keytool -importkeystore -srckeystore keystore.pkcs12 -srcstoretype PKCS12 -destkeystore keystore.jks
# don't need the PKCS#12 file anymore
rm keystore.pkcs12
# Now use "keystore.jks" as keystore in jetty with the keystore password you specfied when you ran
# the "keytool" command
@xkr47
Copy link
Author

xkr47 commented Jul 26, 2021

Omg thanks everybody for your nice comments, glad it was of help! :)

16 forks & 56 stars 😲

Thanks @juleskers — yeah things have definately improved a lot since the letsencrypt snowballing started :)

@bakursait2
Copy link

Thank you.. That's helped me to figure out how to have the key-certificate thing is done in jetty. It worked with me, though I kept the pkcs12 format and did not convert it to jks.
Actually, I tried first to convert it, but It a warning showed up and advised me to keep using pkcs12.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment