Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: heykidhealth.com
I ran this command: I didn’t run anything yet, but this is what I intend to
```
docker run -it --rm --name certbot \
  --volume "/tmp/etc-letsencrypt:/etc/letsencrypt" \
  --volume "/tmp/var-lib-letsencrypt:/var/lib/letsencrypt" \
  certbot/certbot certonly \
  --manual --manual-public-ip-logging-ok \
  --preferred-challenges dns \
  --server https://acme-v02.api.letsencrypt.org/directory \
  --domain '*.heykidhealth.com' --domain 'heykidhealth.com' \
  --email admin@heykidhealth.com \
  --agree-tos \
  --rsa-key-size 2048
```
It produced this output: I didn’t run the command
My web server is (include version): a static website (draft) in an AWS S3 bucket
The operating system my web server runs on is (include version): I don’t know, AWS manages this
My hosting provider, if applicable, is: AWS S3
I can login to a root shell on my machine (yes or no, or I don’t know): no, AWS prevents me from doing so
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): kind of, I use the S3 dashboard to do that, but I am not allowed to run OS commands
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): I’m willing to use docker and would pull the latest docker image from certbot/certbot in Docker Hub.
Lots of questions were asked and answered (some barely answered, I know). To clarify, this is the current scenario: I’m not experienced with OS or Let’s Encrypt commands, but I can deal with them with some assistance.
- My domain is registered in AWS Route 53 and there is a very simple (index.html) webpage in an AWS S3 bucket - very, very, very simple.
- My starting point is the DB server, and the database provider (neo4j) demands that I install an SSL certificate in production in order to ensure encryption on the fly, and suggested Let’s Encrypt for that.
- Besides the DB server, I want to enable all API servers to run under https. I want to create a wildcard for my entire server fleet - databases, API, app load balancer and so on. And I want to use Docker to simplify my work. I found this tutorial to create a wildcard certificate with certbot & Docker.
- I know AWS accepts Let’s Encrypt certificates but there is no documentation or tutorial about how to implement wildcards there.
Basically I don’t know how or where to create the Web Challenge in an S3 bucket. It should be in this path http://heykidhealth.com/.well-known/acme-challenge/, however it seems not to be possible.
Anyway, I don’t know how to proceed and I need assistance.
Thanks in advance,
Renato
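
The command in the post requests the DNS challenge (`--preferred-challenges dns`), which Let's Encrypt requires for wildcard names and which is answered with TXT records in DNS rather than a file under `/.well-known/acme-challenge/`. The sketch below is an added example, not part of the original post or of Certbot: it shows how a DNS-01 TXT value is derived (RFC 8555) and builds a Route 53 change batch in which both requested names share one `_acme-challenge` record set; the function names, tokens and thumbprint are constructed for illustration.

```python
import base64
import hashlib
import json
from collections import defaultdict

def dns01_txt_value(key_authorization: str) -> str:
    """RFC 8555 section 8.4: base64url(SHA-256(key authorization)), unpadded."""
    digest = hashlib.sha256(key_authorization.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")

def challenge_name(domain: str) -> str:
    """DNS-01 record name; a wildcard is validated at its base domain."""
    base = domain[2:] if domain.startswith("*.") else domain
    return "_acme-challenge." + base.rstrip(".") + "."

def route53_change_batch(txt_by_domain: dict, ttl: int = 60) -> dict:
    """Group TXT values by record name into one UPSERT per name."""
    grouped = defaultdict(list)
    for domain, value in txt_by_domain.items():
        # A SHA-256 digest in unpadded base64url is always 43 characters.
        if len(value) != 43 or "=" in value:
            raise ValueError(f"not a DNS-01 digest for {domain}: {value!r}")
        grouped[challenge_name(domain)].append(value)
    changes = []
    for name, values in sorted(grouped.items()):
        changes.append({
            "Action": "UPSERT",
            "ResourceRecordSet": {
                "Name": name,
                "Type": "TXT",
                "TTL": ttl,
                # Route 53 expects each TXT string wrapped in double quotes.
                "ResourceRecords": [{"Value": f'"{v}"'} for v in values],
            },
        })
    return {"Comment": "ACME DNS-01 challenge", "Changes": changes}

# Constructed sample: made-up tokens and account-key thumbprint.
SAMPLE = {
    "*.heykidhealth.com": dns01_txt_value("constructed-token-1.constructed-thumbprint"),
    "heykidhealth.com": dns01_txt_value("constructed-token-2.constructed-thumbprint"),
}

if __name__ == "__main__":
    print(json.dumps(route53_change_batch(SAMPLE), indent=2))
```

In manual mode Certbot prints the TXT values itself, so only the grouping step is needed in practice. The resulting JSON can be saved to a file and applied with `aws route53 change-resource-record-sets --hosted-zone-id <ZONE_ID> --change-batch file://<FILE>`, where both placeholders are values the post does not give.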