I'm somewhat familiar with certificate handling in general, I had just forgotten how Let's Encrypt performs domain validation; it's been a few years since I used it and it's worked so well that I haven't had to think about it since, which is probably a testament to its stability!
To be sure, PKI and certificates in particular have a lot of room for improvement in the UX department. Especially on Windows, where one frequently has to deal with not just .pem files but .cer, .pfx (with or without private keys), and more.
To be sure, PKI and certificates in particular have a lot of room for improvement in the UX department. Especially on Windows, where one frequently has to deal with not just .pem files but .cer, .pfx (with or without private keys), and more.