install the Certbot client

pkg install py27-certbot

generate certificate

certbot certonly --webroot -w /usr/local/www/example -d

I do recomend to use spring on http and use nginx as proxy server. Here is the nginx config:

        server {
                listen 443;

                ssl on;
                ssl_certificate /usr/local/etc/letsencrypt/live/;
                ssl_certificate_key /usr/local/etc/letsencrypt/live/;
                ssl_session_cache shared:SSL:10m;

                location / {
                        proxy_pass http://localhost:8080;
                        proxy_set_header Host $host;

        server {
                listen 80;
                return 301 https://$server_name$request_uri;

renew your certificates automatically before they expire. Since Let’s Encrypt certificates last for 90 days only

certbot renew