Automate SSL Cert infrastructure

[ryanaslett]

Per #4029 Our current paid SSL certs are valid until 2027, however, they will still need to be manually replaced everywhere, and will need to be funded in the future to ensure continuity of service.

We can eliminate the maintenance and cost of keeping our certificates current by switching over to an ACME based solution (https://acmeclients.com/), giving us free, and automated replacements.

In general we should be using certbot everywhere we can, and fall back on acme.sh if there are any environments where certbot is unsupported.

unofficial-builds is already using this, so the pattern is easily replicable for our other services.

[mhdawson]

If this is the approach recommended by the Foundation, makes sense to me so +1

[iuuukhueeee]

Having a way to automate this would saving us so much time, we certainly would need this.

[richardlau]

unofficial-builds is already using this, so the pattern is easily replicable for our other services.

We (re)discovered in today's Build WG meeting that iojs.org is also using certbot, although it looks like this was never added to the Ansible scripts: https://github.com/nodejs/build/blob/main/doc/non-ansible-configuration-notes.md
(As an aside, the dist.libuv.org references are redundant -- we are no longer hosting downloads for libuv).