@rschouten, are you using IIS on Windows as your web-server, with Tomcat behind it serving up your web applications (recommended practice) - or is Tomcat acting as the front-end web-server itself?
If Tomcat is behind IIS, then you don’t have to do anything about SSL in Tomcat itself, IIS will handle the SSL connections with the Let’s Encrypt certificate that you installed on your Windows server. Tomcat, in this case, will be sending and receiving clear-text between itself and IIS - and IIS will send and receive SSL encrypted traffic between itself and the remote client.
Tomcat behind IIS requires the use of an IIS-Tomcat redirector (an IIS plugin). You may have (depending on the connector you choose) some one-time IIS and (mostly) Tomcat configuration, but it will be worth it to offload the SSL configuration to the IS server and use the automatic renewal capabilities (and free SSL certs) of Let’s Encrypt.
This connector comes with a setup package that will automate the configuration for you:
IIS to Tomcat Connector
…with the newest verson of this connector at:
BonCode Connector – BonCode
Otherwise, here are a couple of sites where you can get instructions for doing it yourself using the IIS to Tomcat director that comes in the Tomcat distribution:
The Apache Tomcat Connectors - Web Server HowTo - ISAPI redirector for Micrsoft IIS HowTo
How to Configure IIS 7 and Tomcat Redirection on Windows Server 2008 (64 Bit) « Sharing the Point
On the other hand, if Tomcat is your front-end web-server, then you’ve got to deal with the mess of getting SSL set up on Tomcat to begin with (keygens, CSRs, etc.) - and, unless there is someone with a Java ACME client; I don’t know of a way to automate the initial request or the renewal of Let’s Encrypt SSL certificates in your Tomcat server.