@ECHO OFF :REM Define Path to Keytool and OpenSSL. Keytool is installed by default with IPOCC installation. SET keytool="C:\Program Files (x86)\Avaya\IP Office Contact Center\Java Development Kit\bin\keytool.exe" SET OpenSSL=C:\OpenSSL\bin\openssl.exe :REM Define Path to IPOCC Tomcat Directory and Password. SET TomcatKeyStore="C:\Program Files (x86)\Avaya\IP Office Contact Center\Tomcat\conf\tomcat.jks" SET TomcatStorePass="Replace_me_with_Tomcat_password" :REM Define Path to IPOCC Web Service Collection directory and Password SET WebServiceKeystore="C:\Program Files (x86)\Avaya\IP Office Contact Center\Web Service Collection\conf\tomcat.jks" SET WebStorePass="Replace_me_with_WebServiceCollection_password" :REM Define Path to IPOCC TomcatWWW directory and Password SET TomcatWWWKeyStore="C:\Program Files (x86)\Avaya\IP Office Contact Center\Tomcat WWW\conf\tomcat.jks" SET TomcatWWWStorePass="Replace_me_with_TomcatWWW_password" :REM Define Alias for Certificate and Keystore. Define the PFXPassword needed to import into the Keystore and Define the path and name of the Key to be imported SET Alias="tomcat" SET PFXAll=C:\ProgramData\win-acme\httpsacme-v01.api.letsencrypt.org\Replace_my_FQDN-all.pfx SET FullChainPEM=C:\ProgramData\win-acme\httpsacme-v01.api.letsencrypt.org\Replace_my_FQDN.com-chain.pem SET PrivKey=C:\ProgramData\win-acme\httpsacme-v01.api.letsencrypt.org\Replace_my_FQDN-key.pem SET PFXCert=C:\ProgramData\win-acme\httpsacme-v01.api.letsencrypt.org\Replace_my_FQDN-openssl.pfx SET PFXPass=Replace_with_a_Strong_Password : REM DO NOT Modify any of the values below this line. If you need to add a PAUSE to check for an issue you may but do not modify the commands. : REM If something isn't working it is because something above is incorrect such as a wrong password, wrong file name or wrong directory ECHO ON :REM We will determine if the certificate has been renewed by looking for a PFX file that will be created with the renewal but we won't need it as we will create our own using OpenSSL IF EXIST %PFXALL% Goto :OpenSSL goto :end :OpenSSL :REM Create PFX file using OpenSSL %OpenSSL% pkcs12 -export -in %FullChainPEM% -inkey %PrivKey% -password pass:%PFXPass% -out %PFXCert% -name %Alias% :REM To prevent this always running, we will delete the PFXALL file as we don't need it any longer and will allow us to only update the server when a certificate is renewed Del %PFXALL% :REM Importing new Certificate to Java Keystore %keytool% -alias %Alias% -importkeystore -srckeystore %PFXCert% -srcstorepass %PFXPass% -srcalias %Alias% -srcstoretype PKCS12 -deststoretype jks -destkeystore %TomcatKeyStore% -deststorepass %TomcatStorePass% -destkeypass %TomcatStorePass% -destalias %Alias% -noprompt %keytool% -alias %Alias% -importkeystore -srckeystore %PFXCert% -srcstorepass %PFXPass% -srcalias %Alias% -srcstoretype PKCS12 -deststoretype jks -destkeystore %WebServiceKeystore% -deststorepass %WebStorePass% -destkeypass %WebStorePass% -destalias %Alias% -noprompt %keytool% -alias %Alias% -importkeystore -srckeystore %PFXCert% -srcstorepass %PFXPass% -srcalias %Alias% -srcstoretype PKCS12 -deststoretype jks -destkeystore %TomcatWWWKeyStore% -deststorepass %TomcatWWWStorePass% -destkeypass %TomcatWWWStorePass% -destalias %Alias% -noprompt :REM Restart Services :REM Stop TomcatWSC TASKKILL /F /IM tomcat_wsc.exe :REM Stop Tomcat TASKKILL /F /IM tomcat.exe :REM Stop TomcatWWW TASKKILL /F /IM tomcat_www.exe :StartServices Net START "IPOCC Tomcat" Net START "IPOCC Tomcat WSC" Net START "IPOCC Tomcat WWW" :end @Echo OFF Echo. Echo. Echo Please select one of the following. Default is 1 Echo. Echo 1. Exit Echo 2. Pause the Screen to check for Errors Echo. @Echo Off CHOICE /T 10 /D 1 /C 12 if errorlevel 2 goto :Pause if errorlevel 1 goto :Exit :Pause Echo. Echo. Echo. Echo Pausing to check for errors. Echo. Echo. PAUSE :Exit Exit