Putting the letsencrypt Certificate into the Keystore

This is done using keytool, which is provided in a JDK.

The keystore has a default password of "changeit". If you have changed it, then you'll need to use the password you changed it to. To keep things simple, I keep all the passwords the same.

To create a keystore I first had to convert the files to a .pkcs12 file:

openssl pkcs12 -export -in /etc/letsencrypt/live/yourFQDNhere/fullchain.pem -inkey /etc/letsencrypt/live/yourFQDNhere/privkey.pem -out pkcs.p12 -name letsencrypt

I then converted that to a keystore:

keytool -importkeystore -deststorepass changeit -destkeypass changeit -destkeystore letsencrypt.jks -srckeystore pkcs.p12 -srcstoretype PKCS12 -srcstorepass changeit