setup for single domain certificate

I'm trying to setup on 19.07.4 to get a single domain public key certificate from I've tried following the instructions I could find on the web, but they're pretty sketchy:

The first link basically says to

  1. Install the packages

    opkg update
    opkg install acme luci-app-acme luci-ssl-openssl
  2. Configure the web server. But the steps they give just show you how to redirect HTTP to HTTPS. So I think this step should follow step 3 or you won't actually have a GUI to work with!

  3. Configure through the LuCI GUI. This is the important part, but it doesn't give much detail. I think I can safely skip the field for DNS API credentials because I'm just requesting a single domain certificate.

  4. Configure the firewall. I have gotten this far...

So far I've managed to misconfigure LuCI to the point where I've needed to reinstall OpenWRT a few times. I think that I just need a (correct) /etc/config/acme file and will put my certificate in /etc/acme. But when I look at the output of --help it actually has a lot of options, so I don't want to underestimate this task.

BTW: My setup is conventional: I'm running 19.07.4 on a single TP-Link Archer C7 v2 connected to a DHCP serving ISP (XFinity).

If I can get this working I hope to be able to add it as a topic in the official OpenWRT wiki.

Maybe this can be of help.