I was recently asked “has anyone used BPM Run on its own with Let’s Encrypt?” and, since I’m doing that, I can answer!
In case you’re trying to do this too:
You need to package the Let's Encrypt stuff up as a PKCS12 keystore. The following command does that:
openssl pkcs12 -export -out certificate.p12 -inkey /etc/letsencrypt/live/<server-name>/privkey.pem -in /etc/letsencrypt/live/<server-name>/cert.pem -certfile /etc/letsencrypt/live/<server-name>/chain.pem
Which will create the certificate.p12 file. Then add:
ssl:
  key-store: classpath:certificate.p12
  key-store-password: <password>
  key-store-type: pkcs12
  key-alias: <server alias>
  key-password: <password>
port: 8443
(or whatever port you want) to your configuration/production.yml file (or default.yml if you want).
The certificate.p12 file should be in your configuration/keystore directory in order to be found.
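An added example, not part of the original post: certbot replaces the files under live/ at every renewal, so the keystore has to be rebuilt each time. The script below wraps the same openssl command as a certbot deploy hook, sets the alias explicitly and reads the password from a file. The function name, the KEYSTORE_OUT, KEYSTORE_PASS_FILE and KEY_ALIAS variables and the default alias "bpmrun" are assumptions.

```shell
#!/bin/sh
# Added example: rebuild certificate.p12 from a Let's Encrypt lineage.
# build_keystore, KEYSTORE_OUT, KEYSTORE_PASS_FILE and KEY_ALIAS are
# hypothetical names chosen for this example.

build_keystore() {
    live_dir=$1    # /etc/letsencrypt/live/<server-name>
    out=$2         # .../configuration/keystore/certificate.p12
    pass_file=$3   # first line = key-store-password / key-password value
    key_alias=$4   # must equal key-alias in the YAML

    for f in privkey.pem cert.pem chain.pem; do
        [ -r "$live_dir/$f" ] || { echo "missing $live_dir/$f" >&2; return 1; }
    done
    [ -s "$pass_file" ] || { echo "no password in $pass_file" >&2; return 1; }

    # Export into a temp file next to the target (mktemp creates it 0600),
    # so a failed export never replaces a working keystore.
    tmp=$(mktemp "$out.XXXXXX") || return 1

    # -name sets the alias; -passout file: keeps the password out of the
    # process list and shell history. The second call re-opens the result
    # with the same password before it goes live.
    if openssl pkcs12 -export -out "$tmp" \
            -inkey "$live_dir/privkey.pem" \
            -in "$live_dir/cert.pem" \
            -certfile "$live_dir/chain.pem" \
            -name "$key_alias" -passout "file:$pass_file" &&
       openssl pkcs12 -in "$tmp" -passin "file:$pass_file" -noout
    then
        # Still 0600: chown/chmod for the account BPM Run runs as if needed.
        mv "$tmp" "$out"
    else
        rm -f "$tmp"
        return 1
    fi
}

# certbot exports RENEWED_LINEAGE when it runs a --deploy-hook script.
if [ -n "${RENEWED_LINEAGE:-}" ]; then
    build_keystore "$RENEWED_LINEAGE" "${KEYSTORE_OUT:?set KEYSTORE_OUT}" \
        "${KEYSTORE_PASS_FILE:?set KEYSTORE_PASS_FILE}" "${KEY_ALIAS:-bpmrun}"
fi
```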
Hope this helps someone!