Were my certificates updated automatically also for tomcat?


I ran this command:
certbot certificates

It produced this output:
Expiry Date: 2020-01-22 11:17:09+00:00 (VALID: 80 days)

My web server is (include version):
ubuntu 18.04

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is:
certbot 0.31.0

I have a tomcat installed and I use certbot to create bundle.pfx for tomcat. How can I know if my tomcat/pfx file was also updated? Or in other words, How can I know the expiry date of the pfx file for tomact?


1 Like

Hi @amoss

if you use that certificate created via certbot to create a pfx-file, the pfx has the same expiration as the original file.

You have to do these additional steps again. Or try to create a script to do that.

1 Like

Thank you for a quick reply.

I created the pfx file around 3 months ago, I understand correctly that I should re-create it? Still, is there a command that can show me the expiration of the pfx file itself? I ask so I can make sure the renewal went ok.

Yes, Letsencrypt certificates are only 90 days valid.


If you have created the pfx three months earlier, it will expire. Or use OpenSsl or import the pfx into a Windows environment to see the expiration date.

And the tool from Tomcat should have a pfx check.

1 Like

Found it: openssl pkcs12 -in file.pfx -passin pass:"${pass}" -nokeys | openssl x509 -noout -enddate


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.