LE has limitations for verification that would be impossible to implement on free hosting automatically on registration and/or under subdomain names. Depending on how LE works, and the server configuration here, can't users who pay for their own domains and link them to free hosting (which is far more common than the latter for legitimate individuals) have the ability to somehow "temporarily disable" aes.js protection for certain things like the LetsEncrypt validator, and other such things (maybe for 12 hours per month would be a reasonable term)? I recall some time ago (probably 6 months now maybe?) trying to add a TLS certificate for an owned domain through COMODO manually and it didn't have any way to verify ownership that would work.
Given modern steps to ensure your sites are taken seriously on the first hit (regardless of where it's hosted) include having a valid TLS connection, this would be a reasonably good compromise to the suggestion.
On an unrelated note, it is worth mentioning that MySQL on the free hosting is forcing MyISAM for tables right now and won't accept 4-byte characters despite me forcing it to. Something odd is up...