Got domain & CSR keys, whats next to deploy SSL?

Let's Encrypt is often inconvenient in hosting environments like this because you might have to do a frequent manual renewal and have frequent interactions with the support staff to get them to install your certificates.

You might want to try https://zerossl.com/, which is a web-based interface to obtain Let's Encrypt certificates. You can use an existing CSR as part of this process and perform the validation steps inside your browser, although you'll have to be able to post a file on your web site at a specific location or make a specific DNS TXT record in order to prove your control over your domain name. (That's always a requirement when obtaining a Let's Encrypt certificate, although for hosting providers with better integration or that allow you to have administrative access to your server, it can be much more automatic.)

At the end of the process, you can give the certificate file to the hosting provider and the provider can install it for you.

But you'll have to repeat this process at least every 90 days, because that's how long Let's Encrypt certificates last. There's never any charge for this service from Let's Encrypt's end, but your hosting provider can potentially impose a charge for its role in installing the certificate.

Many hosting providers have made this process somewhat easier: