> > > How about this? > > http://tomcat.apache.org/presentations.html > > Search for "Let's Encrypt". > > I haven't wired this into Tomcat 8.5 and Tomcat 9.0's capability to > re-load a keystore yet. I'm not sure there is JMX support for that, > yet, so that would be a prerequisite IMO. > > -
Thx, you are doing almost the same as my (why do you use the keytool, you can use the p12file (openssl output file) directly right? (at least i do that) But using that jmx proxy servlet is a good one, will see if that works for me. The only thing left then is that "certbot-auto renew" should really give me some feedback that it really did renew Else i constantly generate the p12file for tomcat and start/stop the connector Maybe i can monitor the pem file that certbot will be touching if something did renew somehow. -- Johan Compagner Servoy
