Aws lightsail ssl

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain

I ran this command:

It produced this output:

My web server is (include version):AWS Lightsail

The operating system my web server runs on is (include version):AWS linux

My hosting provider, if applicable, is:AWS Lightsail

I can login to a root shell on my machine (yes or no, or I don’t know):yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):Lightsail ssh

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):certbot manual
I installed Letsencrypt SSL successfully in this domain. I mistakenly added another Lightsail instance domain in the same instance. Realised my mistake and deleted TXT reords and tried re- install from the beginning. How do you completely delete SSL related files and re-install the certificate from the start.

1 Like

Can you post the output of “sudo certbot certificates”?

What commands did you run?

What do you need to delete?


I Have successfully installed the certificate by following step by step documents for several sites. . Where i made the mistake is, for another instance and another domain i connected the ssh command of the above said domain and start to add commands step by step. Middle of the process, i realised i am using ( domain’s) command line for another domain in Lightsail. So i deleted TXT records and try to start from the beginning. The certificates are issued. I am unable to delete and start from scratch.

1 Like

So you used DNS authentication to insert a cert into a domain.
Only to realize you were in the wrong system.
And now it has a cert from a completely different domain?

If so, …

1 Like
sudo certbot -d $DOMAIN -d $WILDCARD --manual --preferred-challenges dns certonly

I followed this step by step guide
. deleted TXT records to start from scratch.

Unable to delete what ?


Can you answer my other two questions too?

Deleting the TXT records isn't a mistake, for what it's worth. You can delete them as soon as Let's Encrypt has validated the domain. They only have to exist for a few minutes. You can also delete them if you decide you don't want to issue the certificate at all.

Every time you renew the certificate, different TXT records will have to be set.

FYI, the Amazon tutorial does not follow the recommended way to use Let's Encrypt -- with automated validation and automated renewal. :frowning_face: You shouldn't have to execute manual steps and manually copy and paste DNS records every 2-3 months.

You should consider using different documentation instead. But I don't have a good link off hand.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.