Hello!
I am using Amazon Web Service to make a web server with a domain name. I have currently set up an Amazon Linux AMI with Apache. I have already purchased a domain from amazon. I have just created a CSR on my Linux machine. From my understanding I need to use certbot on my Linux machine to confirm the CSR.
I am just confused because I am not exactly sure if I need to use ‘Let’sEncrypt’ service. If I have already purchased a domain on my amazon account and created an instance of my Linux server, shouldn’t amazon already offer a way to confirm my CSR? I believe if I use the Elastic Beanstalk method it does it for you?
Anyway, am I correct that If i just made a CSR I need to use certbot on my machine to confirm the CSR?
While you can use Certbot with a CSR you generated yourself, that’s not a recommended method if you can avoid it. Certbot will generate it’s own CSR and then use that to get a signed certificate in most cases. I’d recommend following the Getting Started guide and Certbot instructions. I’m not familiar enough with Amazon’s offerings on this front to speak to whether or not a free certificate is something that comes with the services you’re using, but in general no, your domain registrar is not automatically responsible for providing you with a certificate, although many will gladly sell you one.
You can also use Let’s Encrypt certificates on Amazon infrastructure (and many people do), but if your service is one where Amazon can handle this for you, that might be easier.
Like @jared.m, I don’t know offhand exactly which Amazon services support this.