{"id":16514902,"url":"https://github.com/schnatterer/letsencrypt-tomcat","last_synced_at":"2025-10-28T04:32:42.351Z","repository":{"id":53621047,"uuid":"264019142","full_name":"schnatterer/letsencrypt-tomcat","owner":"schnatterer","description":"Tomcat that automatically fetches certificates via letsencrypt","archived":false,"fork":false,"pushed_at":"2023-12-21T22:04:21.000Z","size":61,"stargazers_count":4,"open_issues_count":2,"forks_count":1,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-04-08T15:52:34.322Z","etag":null,"topics":["dehydrated","docker","letsencrypt","tls","tomcat"],"latest_commit_sha":null,"homepage":null,"language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/schnatterer.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-05-14T20:33:35.000Z","updated_at":"2022-09-17T20:55:17.000Z","dependencies_parsed_at":"2025-02-13T04:33:04.838Z","dependency_job_id":"e72445c0-3f7d-49b0-a895-e853a8bb45f5","html_url":"https://github.com/schnatterer/letsencrypt-tomcat","commit_stats":null,"previous_names":[],"tags_count":4,"template":false,"template_full_name":null,"purl":"pkg:github/schnatterer/letsencrypt-tomcat","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/schnatterer%2Fletsencrypt-tomcat","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/schnatterer%2Fletsencrypt-tomcat/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/schnatterer%2Fletsencrypt-tomcat/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/schnatterer%2Fletsencrypt-tomcat/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/schnatterer","download_url":"https://codeload.github.com/schnatterer/letsencrypt-tomcat/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/schnatterer%2Fletsencrypt-tomcat/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":281386564,"owners_count":26492014,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-28T02:00:06.022Z","response_time":60,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dehydrated","docker","letsencrypt","tls","tomcat"],"created_at":"2024-10-11T16:14:20.070Z","updated_at":"2025-10-28T04:32:42.067Z","avatar_url":"https://github.com/schnatterer.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"Let's encrypt Tomcat!\n========\n\n[![](https://img.shields.io/docker/image-size/schnatterer/letsencrypt-tomcat)](https://hub.docker.com/r/schnatterer/letsencrypt-tomcat)\n\nShowcase Tomcat Docker Image that automatically fetches and renews certificates via letsencrypt. \n\nUses \n* [dehydrated](http://dehydrated.io/) to manage certs, \n* [tomcat-reloading-connector](https://github.com/schnatterer/tomcat-reloading-connector) for reloading images without \n  restarting tomcat. \n* and either\n  * [bitmai's Tomcat Docker image](https://hub.docker.com/r/bitnami/tomcat) or\n  * spring-boot.\n  \nTry out by [running examples](#Run-Examples).\n\n# Build your own image\n\nThe building blocks are conveniently packaged into a docker image: `schnatterer/letsencrypt-tomcat`.\nThis image is neither intended to be used as base image nor to be run itself.\nIt's a mere container were you can copy the components needed for your app.\n\nIt contains the following directories:\n\n* `/letsencrypt` necessary for all apps:\n  * [`dehydrated`](http://dehydrated.io/) for cert retrival\n  * [`dumb-init`](https://github.com/Yelp/dumb-init) for properly handling your main process and the certificate process\n  * `meta-entrypoint.sh` for launching the processes\n* `[/tomcat-reloading-connector](https://github.com/schnatterer/tomcat-reloading-connector)` necessary for standalone \n  tomcat instances, so they can reload the certificate at runtime  \n  See [standalone example](examples/standalone).\n* `/lib` - pre-compiled version of Apache Portable Runtime (APR) and JNI wrappers for APR used by Tomcat (libtcnative).  \n  Requires glibc and openssl (works with debian images, for example).  \n  For other libc libraries see [here](https://tomcat.apache.org/tomcat-9.0-doc/apr.html) for compiling your own APR libs.\n  See [spring-boot example](examples/spring-boot) or [embedded tomcat example](examples/embedded-tomcat).  \n\nSo in your Dockerfile just copy what you need as shown in examples.\nFor the whole process to work, your container requires the following packages:\n\n* bash,\n* openssl and\n* curl\n\nYour tomcat server must be configured to\n * serve static content from `/static/.well-known/acme-challenge` on `http://${DOMAIN}/static/.well-known/acme-challenge` \n   in order for to be able to answer to the letsencrypt challenges,\n * serve traffic via port 80 (externally), in order to succeed in letsencrypt's http-01 challenge,\n * respond with HTTP return code less than 400, on `http://localhost:${LOCAL_HTTP_PORT}/` (default port 8080).\n\nIf successful, the certificate files will be stored here:\n  * Certificate file: `/certs/${DOMAIN}/cert.pem`\n  * Certificate private key file: `/certs/${DOMAIN}/privkey.pem`\n  * Certificate chain file: `/certs/${DOMAIN}/fullchain.pem`\n\n# Configuration at runtime\n\n* Mandatory: Env var `DOMAIN` that passes the TLD to be used for requesting certificates for\n* Optional Env vars: \n  * `LOCAL_HTTP_PORT` - (default 8080). Once this (internal) port is ready to receive traffic, the certificate challenge will begin.\n  * `STAGING` - If set to `true` creates certs against letsencrypt staging, which has no rate limit but \n    is not accepted by your browser.\n  * `ENABLE_LETSENCRYPT` - if set to `false` the letsencrypt process is not started \n  * `CREATE_SELFSIGNED` - if set to `false` no selfsigned certifcate is generated at start up.  \n     Depending on your setup this might result in failing startup of the tomcat connectors\n* Persistence: Your certs are stored inside your container at `CERT_DIR` (default: `/certs/`), so you might want to \n  persist this folder.\n\n# Run Examples\n\nFirst, make sure to set the DNS record to match your IP address and that port 80 and 443 are available.  \n\nNote that:\n- `-v...` Persists your cert in a volume `certs` if left out an anonymous volume is used\n\n```bash\nsudo docker run --rm -it \\\n  -p80:8080 -p443:8443 \\\n  -eDOMAIN=example.com \\\n  -v certs:/certs/ \\\n  -eSTAGING=true \\\n  schnatterer/letsencrypt-tomcat:standalone\n# or\n# schnatterer/letsencrypt-tomcat:spring-boot\n# schnatterer/letsencrypt-tomcat:embedded-tomcat\n```\n\n# Building\n\n```bash\n# First build the base image ( packages the building blocks for letsencrypt tomcat)\ndocker build -t schnatterer/letsencrypt-tomcat .\n# Build the examples \ndocker build -t schnatterer/letsencrypt-tomcat:standalone --file=examples/standalone/Dockerfile .\ndocker build -t schnatterer/letsencrypt-tomcat:spring-boot --file=examples/spring-boot/Dockerfile .\ndocker build -t schnatterer/letsencrypt-tomcat:embedded-tomcat --file=examples/embedded-tomcat/Dockerfile .\n```","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fschnatterer%2Fletsencrypt-tomcat","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fschnatterer%2Fletsencrypt-tomcat","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fschnatterer%2Fletsencrypt-tomcat/lists"}