We use ZeroSSL instead of Let's Encrypt as our native SSL implementation for a simpler and more streamlined integration.

ZeroSSL allows you to generate trusted certificates through an online wizard right on the front page of their site and download them to your desktop in a zip file:

To get started with ZeroSSL, enter your platform domain name, including subdomain, into the wizard right at the top of their website:

Walk through the wizard until you reach the Verification step.

Create a CNAME record on your DNS hosting provider and copy over the content from ZeroSSL:

Using Cloudflare for our example, we'll click Add record and select CNAME from the dropdown

Back on ZeroSSL click Next Step then Verify Domain:

Download the zip file and you're done on the ZeroSSL website.

Now that you've authenticated your domain with ZeroSSL and downloaded the zip file, you're going to need to copy the zip ZeroSSL provided you with to your platform installation server:

scp esp.fivetacofiesta.com.zip root@137.184.6.0:/root

Back on the server we're going to extract the archive:

unzip esp.fivetacofiesta.com.zip

You'll see the archive has extracted three files into the current directory:

Archive:  esp.fivetacofiesta.com.zip
 extracting: certificate.crt         
 extracting: ca_bundle.crt           
 extracting: private.key 

Now we're going to combine two of the files into a new file using the cat command:

cat certificate.crt ca_bundle.crt > certificate_chain.crt

Copy our newly created file into the proper directory

mv certificate_chain.crt private.key edcom-install/config/

Change directory to your platform installation :

cd edcom-install

Run the automated SSL conversion script:

./convert_to_ssl.sh

Restart your platform:

./restart.sh

Before ZeroSSL:

After ZeroSSL: