I have a domain hosted by A2hosting.com which uses "LetsEncrypt" but
I have a subdomain using SME Server 9.The difficulty was that accessing the subdomain website would be blocked by Google as a self signed site.
Going to Cloudflare.com and selecting the free option it sets up for the domain and subdomains, it creates a https: connection , paid versions cache things like photos for faster speeds but for the moment my concern was getting a https//subdomain.domain site. that Browsers would not put warnings up of self signed certificates.
Domain and Subdomain issue resolved. Mail issue created.Issue I do use the subdomain for email paying for a Static IP, instead of using A2hosting for email I use SME Server (Koozal) as one can increase the email size in SME Server (Koozal) and as well the large emails are sitting locally instead of at a host 1000 miles away. To set the DNS to get the email to work I did have to watch this Cloudflare Video
https://www.youtube.com/watch?v=hLKyUWQcu08 Mail entries require 2, one in the form of A record mail.subdomain.IPAdress and must have Cloudflare caching turned off so it states DNS as per the Video which will put a little triangular warning sign beside it as not cached.
MX entries will automatically have the Cloudflare caching turned off, so it states DNS .
Sub domain MX entries are in the form of mail.subdomain.domain
If you are using the SME server as a domain - omit the subdomain so its mx record is mail.domain and A record is mail.IPaddress.
Note: As certain email clients limit email sending to from 5 to 20 megs I set up a form on the SME server using Open Source software
https://sourceforge.net/projects/soupermail/ , one can thus receive form information and attachment up to the size you allowed on SME server (Koozal) 100 megabytes or even 500 megabytes or more.
Maybe in Koozal 10 I will learn how to set up LetsEncrypt on the Koozal server but for now using Cloudflare works.