Yes, but LE needs to verify you own the domain. It does this with either a test to port 80 / 443 on your domain or you can do a check via DNS (although the official client doesn’t yet support the DNS check - other clients do. I kow the 3 bash ones support the DNS challenge.