Most Java programs including Tomcat accept PFX files in addition to JKS files. This way you can use the PFX generated by letsencrypt-win-simple without needing a intermediary script.
<Connector port="8443" protocol="HTTP/1.1"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="C:\path\to\file.pfx"
keystorePass=""
keystoreType="PKCS12">
By default, letsencrypt-win-simple doesn’t set a password for the PFX file, so I left it blank in the example. If you set a PfxPassword
in letsencrypt-win-simple’s config file you would enter it as it the keystorePass
here, though.