Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
OK. Then you should try certbot webroot authentication. Something like:
sudo certbot certonly --webroot -w (path to server root) -d covid19.vesmir.com --deploy-hook "command to restart Express"
For your case, set the -w path to the base location used by Express to serve files.
Often, servers need to be restarted/reloaded to pick up a new cert. If Express needs that use the deploy-hook for that. If it picks up a new cert automatically you can leave that off.
EDIT:
Oh, of course once you get Let's Encrypt certs you will need to change your Express config to point to those cert files. Certbot will tell you where they are.
Thank you very much for your help so far, it is very much appreciated. I have done some research this morning looking for how to find the path to the server root (place where Express is serving the files)
Restarting the site will not be an issue so I will be able to use certbot certonly