How can I install Let's Encrypt SSL on a Java app

You can stop your Spring Boot app and use:

certbot certonly --standalone -d dev.soldi.io

or you can keep your app running and use DNS validation:

certbot certonly -a manual --preferred-challenges dns -d dev.soldi.io

Once you do this, you will need to convert the certificates into the correct format for the embedded Tomcat server:

openssl pkcs12 -export -out /etc/letsencrypt/live/dev.soldi.io/bundle.pfx -inkey /etc/letsencrypt/live/dev.soldi.io/privkey.pem -in /etc/letsencrypt/live/dev.soldi.io/cert.pem -certfile /etc/letsencrypt/live/dev.soldi.io/chain.pem -password pass:apassword

and then configure application.properties with:

server.ssl.key-store=/etc/letsencrypt/live/dev.soldi.io/bundle.pfx
server.ssl.key-store-password=apassword
server.ssl.key-store-type=PKCS12
server.ssl.enabled=true
server.ssl.protocol=TLS
server.port=8443

Keep in mind the default Spring Boot jar is only capable of doing either HTTP or HTTPS, not both at the same time. If you need anything more complicated, then you need to either stop using the embedded Tomcat server, or inject a new Tomcat connector from Java code.

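The bundle.pfx built in the answer above is a copy of the PEM files, so it has to be rebuilt after every renewal. The script below is an added example, not part of the original post, that could be passed to certbot's `--deploy-hook`; it reads the keystore password from a file because a `pass:` argument is visible in the process list. The function name `build_pkcs12`, the `PFX_PASSWORD_FILE` variable and the default password-file path are assumptions.

```shell
#!/bin/sh
# Added example: rebuild the PKCS12 keystore from a certbot lineage directory.
# build_pkcs12, PFX_PASSWORD_FILE and the default password path are hypothetical names.

# Usage: build_pkcs12 LINEAGE_DIR PASSWORD_FILE
# Writes LINEAGE_DIR/bundle.pfx with mode 600, replacing the old file only on success.
build_pkcs12() {
    lineage=$1
    passfile=$2
    out="$lineage/bundle.pfx"

    # Refuse to run if any input from the lineage directory is missing.
    for f in privkey.pem cert.pem chain.pem; do
        [ -r "$lineage/$f" ] || { echo "missing $lineage/$f" >&2; return 1; }
    done
    [ -s "$passfile" ] || { echo "empty or missing password file" >&2; return 1; }

    # Build into a private temp file so a failed export never clobbers the live keystore.
    tmp=$(umask 077; mktemp "$out.XXXXXX") || return 1
    if openssl pkcs12 -export \
            -inkey "$lineage/privkey.pem" \
            -in "$lineage/cert.pem" \
            -certfile "$lineage/chain.pem" \
            -passout "file:$passfile" \
            -out "$tmp"
    then
        chmod 600 "$tmp" && mv -f "$tmp" "$out"
    else
        rm -f "$tmp"
        return 1
    fi
}

# certbot sets RENEWED_LINEAGE (e.g. /etc/letsencrypt/live/dev.soldi.io) for deploy hooks.
if [ -n "${RENEWED_LINEAGE:-}" ]; then
    build_pkcs12 "$RENEWED_LINEAGE" "${PFX_PASSWORD_FILE:-/etc/letsencrypt/pfx-password}"
fi
```

Spring Boot reads the keystore at startup, so the app needs a restart after the hook runs unless keystore reloading is configured.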