You would need to front plumber by a service providing SSL, could be nginx, could be apache. You could also use CloudFlare SSL if you had your own domain.
web server providing SSL > proxy pass to plumber API > plumber API
" Unfortunately, Plumber does not implement HTTPS support natively, but most of the documented hosting options offer ways to deploy HTTPS and HSTS in front of your Plumber API."
Update: Using Free Let’s Encrypt SSL/TLS Certificates with NGINX - NGINX
An example nginx.conf
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name $DOMAIN$;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name $DOMAIN$;
ssl_certificate /etc/letsencrypt/live/$DOMAIN$/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/$DOMAIN$/privkey.pem;
include /etc/nginx/sites-available/plumber-apis/*;
location /.well-known/ {
root /var/certbot/;
}
location /$API_PATH$/ {
proxy_pass http://localhost:$API_PORT$/;
proxy_set_header Host $host;
}
}