Well, I’m assuming your main intention is to deliver a CDN. If a user intends to use the CDN “for real”, it’s no problem that the CDN itself generates the private key, as it needs this to act as a TLS endpoint. But if a user only uses your service to get a certificate and consequently doesn’t use your CDN service any longer, I’m not so enthusiastic: private keys should only be known by the people and/or services which really need to know the private key.
So my suggestion would be to put the emphasis on the “Look, we’ve added Let’s Encrypt functionality to our CDN!” (a few screenshots on how the implementation works would be nice!) without too much emphasis on the “Look, we offer a CDN!” part, but not so much on the “You can use our service to get a certificate, even without using our CDN!”, as the latter would be a bad implementation, as a 3rd party has the private key.
And yes, I am pretty critical when it comes to cryptography.
And again, it’s great if Let’s Encrypt is being used out there, don’t get me wrong. I very much like the fact you bother to implement it! Kudos! It’s just the way of putting it out there.