Ubuntu – One public IP, two servers and SSL generation

I have a web server (CentOS) running on IP (local IP), with Apache installed.

I have one public IP provided by the ISP, let's suppose

Now I am using router port forwarding to point (port 80) to local IP (port 80)

I am using subdomain1.mysite.com with the public IP configured in an A record through cPanel.
The site is accessible through subdomain1.site.com.

Everything is working.

Now, I installed another Ubuntu server on (local IP). Apache installed, different content.
Now, I want to be able to access that Ubuntu server through subdomain2.mysite.com.
Also, I created a virtual host subdomain2.mysite.com on the Ubuntu server.

I added another port forwarding rule in the router:
Forward public IP (port 8080) to local IP (port 80)

But the problem is that when adding a subdomain or A records for subdomain2.mysite.com in the cPanel of mysite.com (hosted somewhere else), it won’t allow me to specify the port number (I cannot do, so I added only in the A entry.

Now, and http://subdomain2.mysite.com:8080 is publicly accessible
http://subdomain2.mysite.com is not accessible, which I need so that I can issue SSL for it.
I am trying to generate a Let's Encrypt SSL certificate.
The SSL HTTP challenge is failing as subdomain2.mysite.com is not accessible (using the certbot command).

What should I do in this case?

I need either https://subdomain2.mysite.com or https://subdomain2.mysite.com:8080 (whichever is possible).
Even if there is a paid SSL that supports it, I can do that.
I don’t think a reverse proxy is my solution, as I am trying to point to two different servers.