Today, I’m going to show you how to obtain a Let’s Encrypt wildcard certificate and automate the renewal process. The challenge here is that only DNS verification is supported for wildcard certificates. You have to request and verify ownership of your domain by updating DNS TXT records every 60 days or so. Certbot has a few DNS plugins for specific providers, but in this video I’ll show you an approach that works with all DNS providers.
devops Key Pair
web Security Group with the following inbound ports:
Create EC2 Ubuntu 20.04 server
Allocate public Elastic IP address and associate it with our EC2 instance
SSH to the EC2 instance using public IP address and devops private key
Decode certificate online
Renew certificate (test)
If you’re setting up a cron or systemd job, we recommend running it twice per day (it won’t do anything until your certificates are due for renewal or revoked, but running it regularly would give your site a chance of staying online in case a Let’s Encrypt-initiated revocation happened for some reason). Please select a random minute within the hour for your renewal tasks.
Let’s Encrypt will send a message to the email you specified, warning you when your certificate is about to expire.
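The renewal schedule recommended above (twice per day, at a random minute), as an added example that is not from the original post or from Certbot. It assumes the host name as the seed for the schedule and `/etc/cron.d` as the install location; the function names `renew_cron_line` and `check_cron_line` are hypothetical.

```shell
#!/bin/sh
# Added example: emit a cron.d entry that runs `certbot renew` twice per day
# at a fixed pseudo-random minute. The minute and hours are derived from a
# seed (here the host name), so re-running the script gives the same schedule
# on one host while different hosts spread out across the hour.

# renew_cron_line SEED -> "MIN H1,H2 * * * root certbot renew --quiet"
renew_cron_line() {
    # cksum prints "<crc> <size>"; the CRC is a stable 32-bit number.
    crc=$(printf '%s' "$1" | cksum | cut -d' ' -f1)
    minute=$((crc % 60))           # 0..59
    hour1=$(((crc / 60) % 12))     # 0..11
    hour2=$((hour1 + 12))          # 12 hours later, so two runs per day
    printf '%s %s,%s * * * root certbot renew --quiet\n' \
        "$minute" "$hour1" "$hour2"
}

# check_cron_line LINE -> exit status 0 only if LINE has the expected shape.
check_cron_line() {
    # read splits on spaces without glob-expanding the asterisks.
    IFS=' ' read -r min hours rest <<EOF
$1
EOF
    h1=${hours%%,*}
    h2=${hours##*,}
    for v in "$min" "$h1" "$h2"; do
        case $v in ''|*[!0-9]*) return 1 ;; esac
    done
    [ "$min" -le 59 ] || return 1
    [ "$h1" -le 11 ] || return 1
    [ "$h2" -eq $((h1 + 12)) ] || return 1
    [ "$rest" = "* * * root certbot renew --quiet" ]
}

# Print the entry for this host; review it, then install it as a file under
# /etc/cron.d (assumed location; that format carries the user field, "root").
line=$(renew_cron_line "$(uname -n)")
check_cron_line "$line" && printf '%s\n' "$line"
```

Because the schedule is derived from the seed rather than drawn fresh each time, regenerating the file during provisioning does not move the renewal window.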
devops Key Pair and local