Using HTTPS on Tomcat with a let’s encrypt certificate is quite easy – as soon as you know how to do it (as usual). acme.sh provides a quite convenient way of getting and renewing certificates. This is extremely important as the certificates have a lifetime of just 60 days.
So get and “install” acme.sh first! And make sure Tomcat is running on port 80. Then start getting your certificate: