Confused, Building an AWS Linux Apache server, I need a CA to register my domain right?

I am using Amazon Web Service to make a web server with a domain name. I have currently set up an Amazon Linux AMI with Apache. I have already purchased a domain from amazon. I have just created a CSR on my Linux machine. From my understanding I need to use certbot on my Linux machine to confirm the CSR.

I am just confused because I am not exactly sure if I need to use ‘Let’sEncrypt’ service. If I have already purchased a domain on my amazon account and created an instance of my Linux server, shouldn’t amazon already offer a way to confirm my CSR? I believe if I use the Elastic Beanstalk method it does it for you?

Anyway, am I correct that If i just made a CSR I need to use certbot on my machine to confirm the CSR?

While you can use Certbot with a CSR you generated yourself, that’s not a recommended method if you can avoid it. Certbot will generate it’s own CSR and then use that to get a signed certificate in most cases. I’d recommend following the Getting Started guide and Certbot instructions. I’m not familiar enough with Amazon’s offerings on this front to speak to whether or not a free certificate is something that comes with the services you’re using, but in general no, your domain registrar is not automatically responsible for providing you with a certificate, although many will gladly sell you one.

Some of the Amazon services do offer free publicly-trusted certificates. You might want to take a look at

You can also use Let’s Encrypt certificates on Amazon infrastructure (and many people do), but if your service is one where Amazon can handle this for you, that might be easier.

Like @jared.m, I don’t know offhand exactly which Amazon services support this.

1 Like

That’s a very helpful link, @jmorahan!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.