I'd start by ignoring Letsencrypt's advice to start with Certbot (which I think was used here given the description). Instead look for something like lego[1] or even simpler clients, something like Acme.sh[2] or acme-tiny[3]. At least for me certbot has way to many moving parts and makes the acme protocol feel more complicated than it is.

[1]: https://github.com/go-acme/lego [2]: https://github.com/acmesh-official/acme.sh [3]: https://github.com/diafygi/acme-tiny

I initially used Certbot on my server, then tried to switch to acme.sh, but eventually switch back to Certbot because it is the most painless way for my setup(Debian+Nginx). The problems I have with acme.sh are mostly permission related. Also, Certbot can update nginx configs for me automatically, so I only have to copy and paste commands from official website, then everything are done.

* https://github.com/dehydrated-io/dehydrated

The hook.sh allows for a lot of flexibility.