Re: So has anybody come up with a solution for certificate automation that will work on a Midrange box? -- MIDRANGE-L

On 4/2/26 10:08, James H. H. Lampert via MIDRANGE-L wrote:

On 4/2/26 8:39 AM, I wrote:

What it says on the tin: has anybody come up with a solution for certificate renewal automation that will run on a Midrange box, that's compatible with Tomcat servers?

I should have been more specific: Tomcat servers running from Apache Tomcat downloads, set up to use Java Keystores.

DCM is not involved in any way.

One possible solution is to install WildFly and use the letsencrypt client that is built in there. If you decide to go that route, here are some sample commands to use in the WildFly CLI that get you going with letsencrypt:

/subsystem=elytron/key-store=letsencryptKS:add(path=letsencrypt.keystore.jks, relative-to=jboss.server.config.dir, credential-reference={clear-text=changethispassphrase}, type=JKS)
/subsystem=elytron/key-store=letsencryptaccountsKS:add(path=letsencryptaccounts.keystore.jks,relative-to=jboss.server.config.dir,credential-reference={clear-text=changethispassphrase},type=JKS)
/subsystem=elytron/certificate-authority-account=myLetsEncryptAccount:add(alias=letsEncrypt,key-store=letsencryptaccountsKS,contact-urls=[mailto:webadmin@xxxxxxxxxxxxxx])
/subsystem=elytron/key-store=letsencryptKS:obtain-certificate(alias=server,domain-names=[www.yourdomain.com],certificate-authority-account=myLetsEncryptAccount,agree-to-terms-of-service)

This will result in certificates in letsencrypt.keystore.jks

This mailing list archive is Copyright 1997-2026 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.