For Java things you have to make a JKS or a PKCS12 file.
To make the latter with certbot you run:
openssl pkcs12 -export -out bundle.pfx -inkey privkey.pem -in cert.pem -certfile chain.pem -password pass:not_so_secret
And automatically in a renew hook afterward if you’d like.
ETA: But your file structure suggests you’re using a different client than the recommended default.
Which is fine (so do I) but I have no idea what yours calls its files because even mine uses the same names as certbot. 