nginx amazon-ec2 lets-encrypt certbot amazon-linux-2

How to enable HTTPS with certbot/letsencrypt on Amazon Linux 2 with nginx


Install certbot/letsencrypt on Amazon Linux 2 and enable HTTPS on nginx (a similar process is available for Apache)


Solution

  • Install certbot

    sudo yum update
    sudo yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
    sudo yum-config-manager --enable epel
    sudo yum install certbot python3-certbot-nginx
    certbot --version
    

  • Generate the certificate

    Use the following command to generate the certificate and let certbot automatically modify the nginx configuration to enable HTTPS:

    sudo certbot --nginx
    

    or, if you only need the certificate, use the following command:

    sudo certbot certonly --nginx
    

    The certificate will be created in the folder

    /etc/letsencrypt/live/YOUR_SITE_NAME/

    for example:

    Certificate

    /etc/letsencrypt/live/www.my-site.com/cert.pem

    Private key

    /etc/letsencrypt/live/www.my-site.com/privkey.pem


  • Enable automatic renewal

    Use the following command to enable automatic renewal of the certificate:

    sudo certbot renew --dry-run
    

  • Errors I have encountered

    If an error like the following appears during certificate creation:

    "Could not choose appropriate plugin: The requested nginx plugin does not appear to be installed"

    then run the command

    sudo yum install certbot python-certbot-nginx
    

    and retry creating the certificate.

  • Notes

    For Apache, you can use python2-certbot-apache instead of python2-certbot-nginx; make sure you use the option --apache instead of --nginx when creating the certificate.

    DNS must be configured to point to your machine, otherwise certbot's check will fail.
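
A check for the renewal step above, as an added example that is not part of the original post: `certbot renew --dry-run` only rehearses a renewal and saves no certificate, so this script reports how many days the current certificate has left and whether cron holds a real `certbot renew` job. The function names and the script name are hypothetical; the site name is the post's own example.

```bash
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# Whole days from "now" (epoch seconds, defaults to the current time) until an
# openssl notAfter string such as "Jan 31 00:00:00 2030 GMT". A negative value
# means the certificate has already expired. Uses GNU date (Amazon Linux 2).
days_until() (
    not_after=$1
    now=${2:-$(date -u +%s)}
    end=$(date -u -d "$not_after" +%s) || exit 2
    echo $(( (end - now) / 86400 ))
)

# Reads cron text on stdin. Succeeds only if an uncommented line runs
# "certbot renew" for real; a line carrying --dry-run does not count,
# because a dry run only rehearses the renewal and saves no certificate.
# Constructed sample of a line that passes:
#   0 3,15 * * * root certbot renew --quiet
has_real_renew_job() {
    grep -Ev '^[[:space:]]*#' |
        grep -E 'certbot[[:space:]]+(.*[[:space:]])?renew' |
        grep -qv -- '--dry-run'
}

# Reports remaining validity for one site and whether cron will renew it.
# A systemd timer, if one is used instead of cron, is not inspected here.
audit_renewal() (
    pem=/etc/letsencrypt/live/$1/cert.pem
    not_after=$(openssl x509 -enddate -noout -in "$pem" | cut -d= -f2)
    [ -n "$not_after" ] || { echo "cannot read $pem" >&2; exit 2; }
    days=$(days_until "$not_after") || exit 2
    echo "$1: certificate valid for $days more day(s)"
    if { crontab -l 2>/dev/null; cat /etc/crontab /etc/cron.d/* 2>/dev/null; } |
        has_real_renew_job; then
        echo "cron: certbot renew is scheduled"
    else
        echo "cron: no real 'certbot renew' job found" >&2
        exit 1
    fi
)

# Usage: sudo sh check-renewal.sh www.my-site.com
if [ $# -gt 0 ]; then audit_renewal "$1"; fi
```

Run it as root, because the files under /etc/letsencrypt/live/ are not readable by ordinary users.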