At some point, a command was run that took the contents of these two file:
Certificate Path: /etc/letsencrypt/live/api2.eegloo.in/fullchain.pem
Private Key Path: /etc/letsencrypt/live/api2.eegloo.in/privkey.pem
and created this file:
server.ssl.key-store=/etc/letsencrypt/live/api2.eegloo.in/keystore.p12
That command needs to be run each time the cert is renewed.
Moreover, you may also need to restart/reload Tomcat each time the p12 file is updated/re-created.