You don’t need an EC private key nor certificate to use ECDHE.
RSA private keys/certificates => TLS-ECDHE-RSA-xxx
EC private keys/certificates => TLS-ECDHE-ECDSA-xxx
See Osiris’ explanation.
You can use EC private keys with Let’s Encrypt, but it’s not necessary (and RSA has better compatibility).
Those “weak cipher” errors on Qualys SSL Labs are not really errors, it’s fine to have them for compatibility as long as you have server preferred, FS cipher suites available.
Use the compatible or modern ciphersuite profiles from the Mozilla SSL Config Generator and don’t worry about it!
Edit: I just read the thing about HBO … in that case you can limit your ciphers to e.g.
but I feel like HBO have gotten it wrong with that advice.