...add another domain from a different server to the same lets encrypt license is that possible?
This could be done, but requires careful configuration or manual adjustments when updating.
LetsEncrypt verifies each new or renewed certificate using an HTTP connection to the names requested for the cert.
If you're hosting a site on another server, how do you get the SME to respond to the LetsEncrypt challenge?
If the second host is "behind" the SME, you could get the SME to intercept /.well-known/acme-challenge locally while sending other traffic to the second host, then distribute the cert to the second host after it's updated.
I do this on my home network with a SME in server-only mode, but I have to play with my firewall rules every time I need to renew my certificates
I have a set of WAF rules in my sophos firewall that redirect /.well-known/acme-challenge to the system that manages the LetsEncrypt certificates. However, I'm collecting certs on different hosts using the same names, so I still need to turn some rules on and off every 90 days while doing updates...
[pointless extra details]
SME (office.mydomain.tld)
+ autodiscover.mydomain.tld
+ etherpad.mydomain.tld
NethServer (neth.mydomain.tld)
+ collabora.mydomain.tld
+ mattermost.mydomain.tld
+ etherpad.mydomain.tld
Ubuntu (cloud.mydomain.tld)
+ collabora.mydomain.tld
+ etherpad.mydomain.tld
+ passbolt.mydomain.tld
+ wiki.mydomain.tld
+ docker.mydomain.tld
+ office.mydomain.tld
+ router.mydomain.tld
Sophos (router.mydomain.tld)
--> I have a script on cloud.mydomain.tld that will push the letsencrypt cert to the router
--> Once the router has the new cert, I have to manually update the cert settings in the router for affected services
Docker (docker.mydomain.tld)
--> cronjob looks for new cert on cloud.mydomain.tld
--> if there is a new cert, load it and restart the 'onlyoffice' docker container
I could simplify the above, but I keep it as-is in order to teach myself about the various platforms (SME, Neth, Ubuntu, Docker, Sophos)