Help setting up the certificate through Let's Encrypt?

Hey! Sorry, I’m really new to this so I appreciate all help.
I set up UCS as the domain controller, changed my dns, and joined the domain and for the most part things work such as Nextcloud, Active Directory+Group Policy, etc.
But I set it up using the name of the domain I own so it’s ucs dot mydomain dot com, which now means I can’t access the original mydomain dot com.

I’m trying to do two things:

  1. Separate the UCS subdomain from the domain itself, so that mydomain dot com still directs to the usual site and ucs.mydomain dot com directs to the dashboard.
  2. Grant UCS a certificate so that local users don’t have issues accessing apps through browsers.