Certification Renewal question

I am currently using let’encrypt with the Tomcat APR without using the Apcahe server or Nginx

I tried to do a certificate renewal test but I can not renew it before 30 days.

I want to set up automatic certificate renewal with Cron.

The question is

  1. Issuance of certificate was issued to 80 port and now 80 port is closed. Now I have only 443 ports open. Is it possible to update let’s encrypt to port 443 by closing port 80?

  2. Restarting Tomcat via Cron can cause service problems, so Cron can even renew the certificate and the developer must restart Tomcat. If I renew my certificate, will my old certificate be unusable? (Do I have to renew my certificate and restart Tomcat? Can I renew my certificate and restart Tomcat later?)

I am very curious.

Yes, LE can authenticate and renew certs via port 443.
But not by just closing port 80.

No, the old cert will still be valid until it expires.

I would think so.
The new cert would need to be loaded into Tomcat.

Yes, you can restart Tomcat at any point before the old cert expires to start using the new cert :slight_smile:

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.