Then specify the logging level and the location of the error log and the CustomLog which logs requests to the server, and takes the param combined allowing you to see request headers if specified in the log format.
This creates the directory where we clone the latest letsencrypt. Then we start the manual process to create certificates.
A terminal application will start asking you for your email for correspondence (although you'll not need to check your email to do anything of this), and the domains for which you want the certificate.
Then it'll break out of that and ask you to create a file on your publically available site for it to check.
Once that check is finished, it'll output the certificates to /etc/letsencrypt/live/yourdomain.com.
Now your existing /etc/apache2/sites-available/your-file-name.conf should look something like
We're giving it a name (will be used later), saying we're using the ajp13 connector to connect to tomcat 6 and above instances, saying it's on localhost and saying we're listening on port 8009 (we'll set tomcat listening on this port in a little while.)
Note we're pointing all the files that hit the root of our virual host to our worker via the JkMount command.
Generally, our tomcat servlets or jsp pages are prefixes with the name of the deployment file. Hello.war would be prefixed with Hello/. To get around this the RewriteRule gets around this by rewriting anything going to the root by transparently adding the deployment name.