I don’t know when EE v4 will be released, so at the moment I’m not planning to migrate to v4, I will have to run tests when it will be stable, and to make sure troubleshooting will not be harder with Docker.
I will publish in the next few days, the first release of my bash script to install EasyEngine with all my custom configurations and optimization ( currently only available as a list of instructions on https://virtubox.github.io/ubuntu-nginx-web-server/ )
About SSL certs, I’m using acme.sh to manage Let’s Encrypt certs, and I have published ee-acme-sh, which is a simple script to automate acme.sh with EasyEngine.
But yes, you can use Cloudflare Origin certs instead of Let’s Encrypt, and it work with multisite setup and subdomains, as well as a wildcard certificate from Let’s Encrypt.
For mapped domain (yoursite1.tld + yoursite2.tld), it require to use certificates with SAN support, but it’s something you can do with acme.sh :