I am new here and have never tried to use Let's Encrypt or CertBot. I'm hoping what I am trying to do is possible. I have Dameware Central Server installed on a Windows 2016 server so we can use Dameware Remote Control to provide remote support to our end users. There is no web server installed on the machine other than what the Dameware software itself is using. Any help on how to get started would be greatly appreciated.
You don't need to install IIS [if you are not going to serve any web pages].
You should install an ACME client, obtain a cert, automate the certificate renewal process, and look into automating the cert installation process as well.
So that is four (independent) steps.
I would start with the last step as the target.
That means, learn how a certificate can be used by the Dameware software [and in what format the certificate needs to be in (yes, there are choices there)].
That may help determine which is the best ACME client (for Windows) to use.
Once you chose the ACME client, you can begin the four steps.
This community is here to help you with (most of) those steps [perhaps all of them].
Keep in mind that getting a certificate and applying it your service are two very distinct steps, so get your cert first then figure out how to automate applying it (scripting is usually easiest, e.g. powershell or .bat).
Once you've done that you need to automate by including the binding update step as part of your automated renewal, because Let's Encrypt certs need to renew at least every 90 days, if not more frequently.
IIS wasa turned on to test the DNS with the URL. I turned it off but apparently forgot to reboot so it was still there. I've rebooted now and IIS is no longer active on the server.
Thank you everyone for your responses. I wanted to give the suggestions a try yesterday, and then today, but got pulled away in several other directions and never got the time to try them. I will take a closer look at everything next week (time permitting) and either come back with more questions or update the thread that it's working. Again, thank you everyone!
Got it. I see above that you're not going to be working on this right away, but if that IIS is not the way that people access the Dameware service, it would be helpful to know how they do access it (e.g. via a different port number instead of 80 or 443, or something).
Note also that a permanent webserver on port 80 is not required to do http validation because many acme clients can self-host their own http challenge response service (if your server is internet facing and port 80 is still open). Certify The Web has it by default and win-acme also has it as an option (both using a temporary http.sys listener).
In Certbot (less-used on Windows), we call that method "standalone", and that term is also used by a number of other clients. It is "standalone" because it's not reliant on an existing web service.