If certbot from Let's Encrypt is not used certificates will need to be updated annually.

• Download the signed public key from your Certificate Authorities (CA)
• Import the signed public key into the keystore already containing the private key (and intermediate certificates if required)

keytool -import -alias noodle.domain.tld -trustcacerts -file noodlecert.crt -keystore noodle.pfx

• Restart the Noodle service