Your comments

Give WinAcme a try. It is mainly for IIS Servers, but there is an option for a manual cert creation that you can copy and place into another server's cert location.

CAVEAT!  You either need to have port 80 accessible to your machine RUNNING WinAcme FROM the internet, or have access to the DNS server's TXT records to paste the Text authentication string that LetsEnrypt is looking for in order to very ownership and control of the domain you are trying to secure.  In all honesty it IS a VERY easy process if you take the time to read the menu options, the requirements WinAcme is looking for and have an understanding of your network, domain and servers.  If you are an "End User" and ANYTHING I said is above your head" then you need to step back, do some research and become familiar with what it is you are doing, the components and what you are putting out on to the network/internet. Not know these things CAN put you at risk for breaches, infection and trouble.