If you are using an embedded Jetty server for your web application, you will not find any information on how to automatically renew your certificate (unlike Apache or Ngnix server).
This is a short tutorial on how to set up automatic certificate renewal on Ubuntu Linux using a bash script (works the same or similar for all Linux distros) .
Go to folder /etc/cron.weekly, or cron.daily, or cron.monthly, if you want to have checked renewal daily or monthly. I chose weekly.
cd /etc/cron.weekly
Create a new file named certrenew with nano or any other editor.
nano certrenew
Add the following lines to new file.
#!/bin/bash
certbot renew --webroot -w /var/www/
kill $(ps aux | grep '[m]y_app_name' | awk '{print $2}')
sleep 3
java -jar /var/www/myapp.jar &
Let’s briefly explain the five lines.
Line 1: Standard text to indicate it is a bash script.
Line 2: This is the certbot command to renew your certificate. The path behind -w is where your application is located. Change if your app is located somewhere else.
Line 3: This command finds and kills your running application. This is needed to hook up the renewed certificate. Change the following to your app name: [m]y_app_name
If your app name is myGreatApp.jar for example, then change to [m]yGreatApp.
Line 4: Lets the bash script sleep three seconds before continuing to make sure the app was killed properly.
Line 5: Command to restart your app. Change the path to where your app is located.
Finally make the file executable.
sudo chmod a+x certrenew
That’s it! The script will now be automatically executed depending on the selected time frame (daily, weekly, monthly). To test it just execute it by
./certrenew