Following the thread for Let’s Encrypt on Windows to get my self oriented.
See thread t/how-letsencrypt-work-for-windows-iis/2106
From that thread and some experimentation, I was able to get a low usage Windows 2003 server working. Here is what I did:
The client: https://github.com/ebekker/letsencrypt-win
only works with .NET 4.5 which is available only on window 2008 servers or greater.
I temporarily modified DNS to point to a Amazon Windows 2012 server and setup a stub web site to act as a temporary agent for my target SSL cert. Once I confirmed DNS was working and the site was visible from the internet, I ran the client software which easily created and installed the certificate. Great client software for the community!
Next, I exported the certificate using this site as a reference guide:
https://www.digicert.com/ssl-support/pfx-import-export-iis-8.htm#export pfx
From there, I exported the SSL cert with the private key to the old Windows 2003 server. Using a similar technique as noted in the export guide, I imported the SSL cert and private key in the Windows 2003 server. I then rebound the web site to the new cert.
I then needed to reverse the DNS references to point back to the old Windows 2003 server. Done!
The cert is only good for 90 days but I proved I could get it working! Hope this helps someone else.