A workaround, thanks to EE support, at least for subdomains (My system is latest stable Debian, Linode)
This is the error message: " Unable to setup, Let’s Encrypt Please make sure that your site is pointed to same server on which you are running Let’s Encrypt Client to allow it to verify the site automatically"
Use the script manually sudo -H /opt/letsencrypt/letsencrypt-auto certonly --standalone -d sub.example.com
Add SSL configuration in nginx conf files. I added an “ssl.conf” file, under /var/www/sub.example.com/conf/nginx (already existed by EE installation) with the following lines " listen 443 ssl http2; ssl on; ssl_certificate /etc/letsencrypt/live/sub.example.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/sub.example.com/privkey.pem; "
nginx is already configured to include all conf files under the “live” directory with the keys already created by the script, so it’s good to go.