ubuntu – One public ip, two servers and SSL generation

I have a web server (centOS) running on IP 192.168.1.154 (local IP) Apache installed

I have one public IP provided by ISP lets suppose 68.12.10.12

Now I am using router point forwarding it point 68.12.10.12 (port 80) to local IP 192.168.1.154 (port 80)

I am using subdomain1.mysite.com with public IP 68.12.10.12 configured in A record through Cpanel
The site is accessible through subdomain1.site.com

Everything is working.

Now, I installed another ubuntu server on 192.168.1.160 (local IP). Apache installed, different content.
Now, I want to be able to access that ubuntu server through subdomain2.mysite.com
Also, created a virtual host subdomain2.mysite.com in ubuntu server.

I added another port forwarding rule in the router
Forward public IP 68.12.10.12 (port 8080) to local IP 192.168.1.160 (port 80)

But the problem is when adding subdomain or A records for subdomain2.mysite.com in Cpanel of mysite.com (hosted somewhere else), it won’t allow me to specify the port number (I cannot do 68.12.10.12:8080), so I added 68.12.10.12 only in the A entry.

Now, 68.12.10.12:8080 and http://subdomain2.mysite.com:8080 is publicly accessible
But,
http://subdomain2.mysite.com is not accessible, which I need so that I can issue SSL for it.
I am trying to generate a lets-encrypt SSL certificate
SSL HTTP challenge is failing as Subdomain2.mysite.com is not accessible (using certbot command)

What should I do in this case?

I need either https://subdomain2.mysite.com or https://subdomain2.mysite.com:8080 (whichever is possible).
Even if there are paid SSL that supports it, can do that.
I don’t think reverse proxy is my solution as I am trying to point to two different servers.