You are asking for a public certificate for a private domain.
These are two distinct “systems” with distinct choices (choose one per domain):
- Use a private certificate [private CA] for a private domain.
- Use a public certificate [LetsEncrypt] for a public domain.