I need help creating SSL certificate please

Hi,

I am receiving this warning when I try to install this API on a Windows 10 PC.


This PC contains a database and is connected to an FTP server and clients connect externally to the FTP.
This PC is going to be published after installing this API. I created a CSR using mmc command in windows using this guide: https://www.entrust.com/knowledgebase/ssl/how-to-generate-certificate-signing-request-using-microsoft-management-console-mmc-on-windows-2012.

I want to now get the SSL certificate.

What is the next step? I am not an expert but I am trying to learn to get this task done.

Thank you so much!


TLS (old name: SSL) certificates do not provide the kind of security a firewall provides, nor protection from unwanted access. The only thing TLS domain validated (DV) certificates provide is authentication of the hostname and encryption of the connection.

With regard to Let's Encrypt:


Thanks for your answer. I have a firewall already but I need support creating the TLS/SSL certificate.

The instructions for an Entrust cert from back in 2012 do not apply to certs from Let's Encrypt. The Getting Started page linked earlier is a good start to learn about LE.

For Windows, there are several ACME clients for getting a cert. The Certify The Web client has a GUI, good docs, and a good support community of its own. It is probably the easiest to use.


Just to add a bit of general info:

  • If you are sharing your service with other people your service will need a real name, not just an IP address. This involves having a registered domain name (such as your business one) and giving your service a name within that, then pointing that name at the IP address of your service. So if your business domain name was example.com your service name might be tintapp.example.com (or anything you want under your domain name).

  • The point of using certificates from services like Let's Encrypt to get your certificate is that their own root certificate is publicly trusted by most computers, and this in turn makes your certificate issued via them trusted as well. It's possible to just use "fake" self-signed certificates using tools like mkcert (FiloSottile/mkcert on GitHub, a simple zero-config tool to make locally trusted development certificates with any names you'd like), but other people's browsers etc. won't trust them automatically.

Getting a certificate and using it are two different problems:

  • Use an ACME-enabled certificate tool to get your certificate; this involves specifying which service/domain name you want on the certificate, then you need to prove you control that domain. For Let's Encrypt using Certify The Web (which is the app I develop) that's via HTTP validation (http-01) or DNS validation (dns-01), both documented in the Certify The Web docs, and it's usually the hardest part to get right. Once that's completed you'll have a certificate.
  • Deploying your certificate once you have it is the next step, and how that's done depends on the service you are deploying to (that app will auto-deploy to IIS if using that). Every type of service is different. Some you copy a file somewhere, some you update a certificate "binding". So for instance an FTP service binding will depend on what FTP server you are using, and the software you are using here will also have its own process for updating the certificate.

For Certify The Web you'll probably want to add the Deploy to Generic Server task and set an output path and filename for your fullchain (e.g. C:\certs\tintapp.example.com.crt) and key (e.g. C:\certs\tintapp.example.com.key - these paths and names are up to you). You then need to tell your service shown in your screenshot to use them.

You will need to repeat this certificate deployment for every renewal every few months. Most services were conceived long before ACME automated certificates existed back when certs were manually renewed once a year at most and many still assume you are using the old way of working.

As an aside, be careful publishing services on your local network to the internet. Once you have opened up your firewall to reach your computer it can be reached by the people you want, and the people you don't want. So for instance you should assume that one day someone will find a vulnerability and achieve full access to that machine and everything it's connected to. That's why it's generally good practice to host these sorts of services on isolated machines, usually cloud hosted such as in Azure or AWS.

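An added example, not from any poster in this thread and not part of Certify The Web or the FTP/API software discussed: a PowerShell check you can run after each deployment (or on a schedule) against the fullchain file written to the path configured in the reply above, to confirm the certificate carries the expected hostname and is not close to expiry. Because renewal has to be repeated every few months, a check like this catches a broken renewal before clients start seeing warnings. The paths, hostname and warning threshold are assumed placeholders.

```powershell
# Added example (not from the thread or from Certify The Web):
# verify a deployed fullchain file so a missed renewal is caught early.
# All paths, the hostname and the threshold are assumed values; adapt them.
param(
    [string]$CertPath     = 'C:\certs\tintapp.example.com.crt',
    [string]$KeyPath      = 'C:\certs\tintapp.example.com.key',
    [string]$ExpectedHost = 'tintapp.example.com',
    [int]$WarnDays        = 30
)

$problems = @()

if (-not (Test-Path $CertPath)) { throw "Certificate file not found: $CertPath" }
if (-not (Test-Path $KeyPath))  { $problems += "Private key file missing: $KeyPath" }

# X509Certificate2 reads the first certificate in a PEM fullchain, i.e. the leaf.
$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($CertPath)

# Hostnames live in the Subject Alternative Name extension (OID 2.5.29.17).
$sanExt = $cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }
$sanNames = @()
if ($sanExt) {
    # On Windows, Format($false) renders as "DNS Name=a.example.com, DNS Name=b.example.com"
    $sanNames = ($sanExt.Format($false) -split ',\s*') |
        ForEach-Object { ($_ -replace '^DNS Name=', '').Trim() }
}
if ($sanNames -notcontains $ExpectedHost) {
    $problems += "Certificate SANs [$($sanNames -join ', ')] do not include $ExpectedHost"
}

# Let's Encrypt certificates are short-lived and renewed every few months, so warn
# well before NotAfter to leave time to repair a renewal that silently failed.
$daysLeft = [int][math]::Floor(($cert.NotAfter - (Get-Date)).TotalDays)
if ($daysLeft -lt 0) {
    $problems += "Certificate expired on $($cert.NotAfter)"
} elseif ($daysLeft -lt $WarnDays) {
    $problems += "Certificate expires in $daysLeft days (on $($cert.NotAfter))"
}

Write-Host "Subject : $($cert.Subject)"
Write-Host "Issuer  : $($cert.Issuer)"
Write-Host "Expires : $($cert.NotAfter) ($daysLeft days left)"
Write-Host "SANs    : $($sanNames -join ', ')"

if ($problems.Count -gt 0) {
    $problems | ForEach-Object { Write-Warning $_ }
    exit 1
}
Write-Host "OK: certificate is valid for $ExpectedHost"
exit 0
```

The script exits non-zero when anything is wrong, so it can be scheduled with Task Scheduler or wired into the same post-deployment step that copies the files, and its failure noticed rather than discovered by external users.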
