Most letsencrypt setups use the webroot plugin to authendicate the domain but I don't like writing temp files to my drive. Letsencrypt provides a standalone solution which can be used to skip that part. In combination with a webserver proxy you can verify all domains pretty easily. You will have to setup the webserver to forward all traffic from location /.well-known/acme-challenge
to localhost port 81.
server {
listen 80;