My next question is whether the Tomcat team would want this Java program
that does the heavy lifting for letsencrypt, which I would be happy to
clean up and make available as open source. The guts of the program comes
from - http://acme4j.shredzone.org, which is under the Apache
Didn't read closely enough. The protocol that I used is no longer
applicable for Tomcat 9.
On Sun, Nov 26, 2017 at 3:15 PM, Don Flinn wrote:
> Thank you for your excellent reply and references.
> I've been doing a lot of reading on SSL, certificates, keys,
Thank you for your excellent reply and references.
I've been doing a lot of reading on SSL, certificates, keys, algorithms,
etc. Woo! However I still don't have it correct.
I've retrieved certificates from letsencrypt and following your suggestions
did the following.
Created a pkcs12
One issue you might face in this configuration is if you have multiple versions
of the same library existing on the same path, let's say com.example v1.0 and
v2.0, and each is a dependency for one or more webapps. If a webapp depending
on 2.0 requires class com.example.X which is available in
I see by your paths that you are an MS person. Your solution is clever but has
the distribution problem that a war file may not be enough.
For Unix based folks (MAC, Linux), there is a much easier solution. Put your
common jars in some directory that you like (for me /opt/web_jars/acquired).