So, after several clicks it turned out to be that my hosting provider does not support creating folders with dots via FTP.
For example: “.well-known” gets an write error; but “well-known” (without first dot) is OK. No way.
So I can’t pass automatic nor manual domain verification at sslforfree.com
OK, lets try the last method - via DNS verification.
I’ve managed to set required TXT fields. But the TTL is 4 hours by default and cannot be changed surprisingly.
O-O-OK… lets wait. After 4 hours of waiting (www = “wait, wait & wait”?..) I’ve got my SSL certificate finally!
But wait again… the last screen says: “SSL Certificates expire after 90 days”.
So, is there some way do not wait again 4 hours every 3 months?..
Please increase certificate lifetimes!
Security considerations are well known, as I see in this thread. SSL certificates for 1, 2, etc years are commonly used for ages (in the world) and must-have for letsencrypt.org, I hope