Get the LetsEncrypt certbot-auto script.
Make it executable.
Generate a SSL certificate using DNS verification.
Generated certificated will be available under /etc/letsencrypt/live/jenkins.yasithab.com
Setup a cron job to run the renewal command everyday at midnight. The renewal will be executed only if there are 30 days less from the expiration date.