Hi Jim,
This is a over simplified explanation. It can be more specific with more details.
Yes, a domain name needs to be associated with a IP address. Period. Irrespective of LetsEncrypt or normal SSL certificate. You cannot control ports with Domain names. They aren't designed that way.
Generally, you control the ports at the firewall (router) or Server (if the server has a public IP - very rare, now-a-days).
You need to know the public IP address that can be routed to your server. Thats the IP you'll "delegate" to your domain name (via your DNS servers).
Then use the router that controls your servers access to the internet to manage which ports have access. If its a virtual server, your provider probably controls this access. In which case there is probably a setting in your control panel, or your could send them an email). If its your own servers, you probably already know this.
Just ask them to open port 80 (http) and port 443 (https) and close all other ports unless you need them (eg RDP uses 3389 so if you RDP to your box you'll need that).
Regards
Bill
Topic: DNS / Certificate questions (Read 4800 times)