How to enable letsencrypt tomcat9

Good afternoon dear colleagues, I have a doubt and I would like your help. I am using Ubuntu Linux with tomcat9. I managed to generate the letsencrypt keys (chain.pem, fullchain.pem, privkey.key and cert.pem) and they are inside the /etc/letsencrypt folder.

My question is how to activate it in tomcat9.

In the server.xml file I have the following configuration:

<Connector port="443" protocol="org.apache.coyote.http11.Http11AprProtocol" maxThreads="150" SSLEnabled="true" >
    <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
    <SSLHostConfig>
        <Certificate certificateKeyFile="/etc/certs/privkey.key" certificateFile="/etc/certs/cert.pem" certificateChainFile="/etc/certs/chain.pem" type="RSA" />
    </SSLHostConfig>
</Connector>

The browser gives an error saying it has no certificate. Ports 80 and 443 are both released, and I tested with another certificate and it worked. I'm doing something wrong in the configuration of tomcat9 with letsencrypt. Can anyone help me?

Thank you very much

1 Like

That is not the normal install path for LE certificates.
Are the cert files there?

2 Likes

I copied the files to this folder

Here is an example of something that worked for me recently.
[You will have to create a PFX file from the PEM files though]

<Connector
                port="443"
                protocol="org.apache.coyote.http11.Http11NioProtocol"
                maxThreads="200"
                SSLEnabled="true"
                scheme="https"
                secure="true"
                keystoreType="PKCS12"
                keystoreFile="Path To PFX"
                keystorePass="Your Password"
                clientAuth="false"
                sslEnabledProtocols="TLSv1.2"
                ciphers="TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
                TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
                TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
                TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
                TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
                TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
                TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
                TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384"
/>
3 Likes
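
The PFX conversion mentioned in the reply above, as an added example that is not part of the original thread: it bundles the PEM key, certificate and chain into a PKCS12 file after checking that the key belongs to the certificate. The function names, the `PFX_PASS` variable and the `tomcat` alias are assumptions.

```shell
#!/bin/sh
# Added example: function names, the PFX_PASS variable and the "tomcat" alias
# are assumptions, not taken from the thread.

# pem_to_pfx KEY CERT CHAIN OUT_PFX
# The keystore password is read from the exported variable PFX_PASS,
# so it never appears on the command line or in the process list.
pem_to_pfx() {
    key=$1; cert=$2; chain=$3; out=$4
    [ -n "${PFX_PASS:-}" ] || { echo "PFX_PASS is not set" >&2; return 2; }
    for f in "$key" "$cert" "$chain"; do
        [ -r "$f" ] || { echo "cannot read $f" >&2; return 3; }
    done

    # Refuse to bundle a private key that does not belong to the certificate:
    # both commands print the same public-key PEM when the pair matches.
    key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null) || key_pub=
    cert_pub=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null) || cert_pub=
    if [ -z "$key_pub" ] || [ "$key_pub" != "$cert_pub" ]; then
        echo "private key does not match certificate" >&2
        return 4
    fi

    # The PFX contains the private key, so create it readable by owner only.
    (
        umask 077
        openssl pkcs12 -export \
            -inkey "$key" -in "$cert" -certfile "$chain" \
            -name tomcat -passout env:PFX_PASS -out "$out"
    ) || return 5
}

# pfx_cert_count PFX: number of certificates stored in the keystore.
# Expect the leaf plus its chain; a count of 1 means the chain was left out.
pfx_cert_count() {
    openssl pkcs12 -in "$1" -passin env:PFX_PASS -nokeys 2>/dev/null |
        grep -c 'BEGIN CERTIFICATE'
}
```

Point `keystoreFile` at the output file and `keystorePass` at the same password. The PFX is a copy of the PEM files, so the conversion has to be repeated after every certificate renewal.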
