SSL certificate keystore for Ansys SAM tomcat server

Getting SSL certificate for a domain using certbot (https://certbot.eff.org/) gives you four files: cert1.pem, chain1.pem, fullchain1.pem, privkey1.pem. These files can found in /etc/letsencrypt/archive/your.domain.name.

The files have to be bundled into a keystore (keystore.pfx) for use in tomcat. For this you can use:

openssl pkcs12 -export -in cert1.pem -inkey privkey1.pem -out keystore.pfx -name tomcat -CAfile chain1.pem -caname root -chain
"keystore.pfx" must be renamed to "keystore" and keystore password used when creating keystore.pfx have to be specified in server.xml.

More information at: https://hardwarehacks.org/blog/setting_up_tomcat_with_a_lets_encrypt_certificate/