This is how I updated the keystore.jks to run with letsencrypt!!
Register with any free dyndns provider (e.g. http://www.dnshome.de ) Enter the access data in your routerThe next step is a little bit tricky .. here is what I did
install apache2 enable port forwarding for port 80 in your router https://tutorials-raspberrypi.de/raspberry-pi-ssl-zertifikat-kostenlos-mit-lets-encrypt-erstellen/The relevant certificate files are located here after running autocert:
/etc/letsencrypt/live/YOURDOMAIN
Then check this out (https://blog.codecentric.de/2013/01/selbstsignierte-zertifikate-aus-pem-dateien-in-java/)
openssl pkcs12 -export -out keystore.p12 -inkey privkey.pem -in cert.pem keytool -importkeystore -destkeystore keystore.jks -srcstoretype PKCS12 -srckeystore keystore.p12 cp keystore.jks /home/pi/mycontroller/confEdit mycontroller.properties:
mcc.web.ssl.keystore.file=../conf/keystore.jks
mcc.web.ssl.keystore.password=mycontroller
mcc.web.ssl.keystore.type=JKS
mycontroller must be replaced by the passwort you choose during certificate export with openssl
You can now disable port forwarding for port 80 and enable port forwarding for port 8443 (be sure to choose a strong passwort)
Result:
!!! Valid certificate in all major browsers (chrome in my example) !!!