My father runs a small (unmanaged) server for a few family sites, and one very complex web-based db application written by him that I use.

After recent illness he is on meds that make it harder for him to comprehend coding and related problems and solve them.

It appears that the server provider is now insisting that he have an https certificate for his server, and I'm trying to help him zero in on (a) how this works and (b) what to look for in a provider.

We are in the UK. The server runs on CentOS. We're not looking for a free way to do this (if there even is one) if it's complex, but rather a good simple solution for the time being that can perhaps be revisited down the line when he feels more able.

Google is only returning results about securing individual domains (I know a little about how to do this via LetsEncrypt etc).
Can anyone point me to a good resource on what goes into securing a server?
Would we still need certificates for the individual domains on it?