I think you'll find that the answer is: because Tomcat makes it a pain in the ass, most people just run a reverse proxy such as Apache or nginx in front of their Tomcat servers.
It is (paradoxically) operationally simpler and means you can perform various maintenance operations (such as installing or renewing SSL) without restarting a (probably stateful) Java application.
You can also run a reverse proxy like Caddy which will completely handle all aspects of HTTPS for you and runs on Windows too. You can adapt this tiny configuration file to point to your Tomcat server and domain, and you're finished.