The LetsEncrypt Certbot is an awesome tool for getting and maintaining SSL certificates for your sites. In most cases, it is extremely easy to setup and maintain. However, installing it on Amazon’s proprietary Linux server in EC2, it often fails. These are the steps I took to get it to install properly in my environment.
chmod a+x ./certbot-auto
sudo yum install libffi-devel
sudo yum install openssl-devel
sudo chown -R ec2-user:ec2-user .well-known/
./certbot-auto –no-self-upgrade –no-bootstrap
After performing these commands, you should now be able to use Certbot as you would normally.
Certbot will place your completed SSL certs in the following paths.
- Full Chain:
- Private Key:
To setup auto renew, you will need to add the following line to your crontab file. Make sure you are running as root when you do so using sudo su.
Adding this line will run the renewal process twice per day.
0 2,14 * * * /home/ec2-user/certbot-auto renew
If you have any issues, leave a message in the comments so we can help.