I needed to make this work for Tomcat, so following the instructions here I created a JKS file. However, before testing the JKS to see if it worked, I removed httpd24 and installed httpd as a binary was missing when following instructions for setting up MOD_JK.
To create the JKS, I copied the pem files from /etc/letsencrypt/archive/domain and ran the following commands:
openssl pkcs12 -export -in fullchain.pem -inkey privkey.pem -out fullchain_and_key.p12 -name tomcat_cloud_client
keytool -importkeystore -deststorepass changeit -destkeypass changeit -destkeystore MyDSKeyStore.jks -srckeystore fullchain_and_key.p12 -srcstoretype PKCS12 -srcstorepass changeit -alias tomcat
keytool -import -trustcacerts -alias root -file chain.pem -keystore MyDSKeyStore.jks
My issue is that my url is now no longer secure and I’m not certain if creating the JKS or removing httpd24 is what caused the SSL to break. I tried running the command to renew the cert but that also said no renewal was attempted.
I’m a little new to this so please bare with me if I’m missing anything.