Site icon EasyOraDBA

Renew LetsEncrypt Certificate for Oracle Apex

In my previous article I showed you how to use Letsencrypt to secure a production Apex instance. This is specially important when you have a webfacing Apex instance. Only issue with Letsencrypt free SSL certificates is that it expires in 6 months, so it has to be renewed.

Though letsencrypt certificate have an automatic way to renew the SSL certificates I always prefer to do it manually, specially when it is for a production instance.

Lets go ahead and renew the SSL certificates which was created in previous article

Step 1. Renew Letsecnrypt certificate

$ cd /etc/letsencrypt/

$ ./certbot-auto certonly --force-renew --webroot /home/whadev/public_html --cert-name

Input the webroot for (Enter ‘c’ to cancel): /home/whadev/public_html
Waiting for verification…
Cleaning up challenges

– Congratulations! Your certificate and chain have been saved at:
Your key file has been saved at:
Your cert will expire on 2019-04-09. To obtain a new or tweaked
version of this certificate in the future, simply run certbot-auto
again. To non-interactively renew *all* of your certificates, run
“certbot-auto renew”
– If you like Certbot, please consider supporting our work by:

Donating to ISRG / Let’s Encrypt:
Donating to EFF:

Go to directory /etc/letsencrypt/live/ to verify

Step 2. Generate a new PFX file, with certificates already renewed by certbot

$ cd /etc/letsencrypt/live/

$ openssl pkcs12 -export -out bundle.pfx -inkey privkey.pem -in cert.pem -certfile chain.pem -password pass:yourpassword

Step 3. Copy the PFX file to the directory of Apache Tomcat (optional step since my Tomcat 9 is installed with another user)

$ cp -p /etc/letsencrypt/live/ /home/oracle/apache-tomcat/webapps

Step 4. Restart Apache Tomcat

Now you can see the Lets encrypt certificate is renewed on your site

Exit mobile version