There is an option to use your own certificate files - if you have a means of generating them, then it seems possible to use them:
That said, it’s not something I have tried, and would suggest the docs (https://rancher.com/docs/rancher/v2.x/en/installation/ha/helm-rancher/#certificates-from-files) and StackOverflow or similar for further guidance if you choose that approach.
If your domain name is not in use then things would be fairly easy - point the nameservers at DigitalOcean and then configure the domain in the admin panel (https://www.digitalocean.com/community/tutorials/how-to-point-to-digitalocean-nameservers-from-common-domain-registrars).
If your domain name is in use then hopefully you have a way to manage records on that domain.
In this case the way I would approach it would be to add an A record, like rancher2.mydomain.com, which would direct to the public IP address of the DO droplet of your load balancer.
Check that the DNS entry resolves first - something like https://dnschecker.org/ - and then make sure you set LetsEncrypt to sandbox mode in case you get your config wrong. If you get the config wrong in production mode it ‘blocks’ you fairly quickly for an exponentially growing time. That can suck (from experience).
Once confident LetsEncrypt is creating your cert properly, switch to prod mode and wait for the cert to be created again.
That should be all that’s needed. Let me know how you get on.
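
The sequence described in the reply above (DNS first, then a test certificate, then production) can be checked from a shell before each switch. This is an added example, not part of the original post: the function names and step labels are hypothetical, it assumes `dig` and `openssl` are installed, and it takes your own hostname and load balancer IP as arguments.

```bash
#!/usr/bin/env bash
# Added example: decide whether it is safe to move from the Let's Encrypt
# staging (sandbox) environment to production for a given hostname.

# Print the IPv4 A records for a hostname, one per line.
resolve_a() {
  dig +short A "$1" | grep -E '^[0-9]+(\.[0-9]+){3}$'
}

# Print the issuer line of the certificate currently served on port 443.
served_issuer() {
  echo | openssl s_client -connect "$1:443" -servername "$1" 2>/dev/null \
    | openssl x509 -noout -issuer 2>/dev/null
}

# Succeed only if one of the host's A records equals the expected IP.
dns_points_to() {
  resolve_a "$1" | grep -qxF "$2"
}

# Print the next step for this host:
#   fix-dns              A record does not point at the load balancer yet
#   use-staging          DNS is fine, no Let's Encrypt cert is served yet
#                        (Rancher chart: letsEncrypt.environment=staging)
#   switch-to-production a staging cert is served, so the config works
#   done                 a production Let's Encrypt cert is served
next_step() {
  local host="$1" ip="$2" issuer
  if ! dns_points_to "$host" "$ip"; then
    echo "fix-dns"
    return 0
  fi
  issuer=$(served_issuer "$host" || true)
  case "$issuer" in
    *STAGING*|*"Fake LE"*) echo "switch-to-production" ;;  # staging issuers
    *"Let's Encrypt"*)     echo "done" ;;
    *)                     echo "use-staging" ;;
  esac
}

# Usage: ./le-gate.sh rancher2.mydomain.com <load-balancer-ip>
if [ "$#" -eq 2 ]; then
  next_step "$1" "$2"
fi
```

Staging certificates are recognised by the "(STAGING)" or older "Fake LE" issuer names; any other issuer, such as an ingress default certificate, is treated as "not issued yet".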