I need to renew a cert but am only using Tomcat, not Apache. $ sudo certbot renew looks for the Apache httpd process so fails. I need an option where it doesn’t create more headaches by trying to be helpful and just renews the certs and spits out the PEM files to a directory so I can convert them to PKCS#12 and put them in a JKS for Tomcat.
I did certbot certonly --standalone -d domain name as suggested here How to renew SSL certificate on Ubuntu 16, I am using tomcat 8 and got:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Cert is due for renewal, auto-renewing…
Renewing an existing certificate
Performing the following challenges:
tls-sni-01 challenge for settings.lighthouse-monitoring.com
Cleaning up challenges
Problem binding to port 443: Could not bind to IPv4 or IPv6.
I’m not sure it actually generated anything, also why is it trying to bind to port 443?
If I can’t renew them can I recreate them from scratch for an existing domain? Do I have to wait for the current ones to expire first?