There are some node-specific instructions in this topic:
(I wasn't sure if your question was just about the permission problem, or about how to configure SSL in node in general.)
The permissions are a feature - you don't want every user on your system to be able to read your private key. If you need to read the files using a different user, I would recommend chown-ing them to that user in a separate step after you run the certbot command. I would advise against copying the files somewhere else and rather point your code to the files in /etc/letsencrypt/live/example.com directly.