Could you share steps for tomcat 7 on Ubuntu?

Well, it looks like either your keystore password is wrong in the configuration, or you haven’t set the keystore up at all.

I have to hop into a meeting now, but basically:

  1. Acquire a certificate using Certbot or another Let’s Encrypt client. Have you done this or not?
  2. Export the certificate you acquired from /etc/letsencrypt and import it into a keystore file that Tomcat can read
  3. Point Tomcat at that keystore file with the correct passphrase.

This post can help you with steps 2 and 3.