Hi, On Thu, Dec 5, 2019 at 10:57 PM Steve Sobol (Lobos Studios) <[email protected]> wrote: > > How did you implement it, if I may ask? > > I’d like to automate everything: generation and update of the certs, update > of the keystore, etc.
We use Ubuntu. Ubuntu ships /etc/cron.d/certbot that attempts to renew the certificate twice a day. You drop a shell script into /etc/letsencrypt/renewal-hooks/ and it will be run _only_ when the certificate needs renewal. The script we have concats certificates and private key for HAProxy (and restarts it); then uses openssl and keytool to generate the Java keystore and restarts Jetty. We don't generate, just renew, but I guess with some creativity you can script anything you want. I'm no expert, I just found enough online to make it work for our needs. -- Simone Bordet ---- http://cometd.org http://webtide.com Developer advice, training, services and support from the Jetty & CometD experts. _______________________________________________ jetty-users mailing list [email protected] To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/jetty-users
