Creating a wildcard in a static AWS S3 website + docker

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: heykidhealth.com

I ran this command: I didn’t run anything yet, but this is what I intend to
docker run -it --rm --name certbot \
  --volume "/tmp/etc-letsencrypt:/etc/letsencrypt" \
  --volume "/tmp/var-lib-letsencrypt:/var/lib/letsencrypt" \
  certbot/certbot certonly \
  --manual --manual-public-ip-logging-ok \
  --preferred-challenges dns \
  --server https://acme-v02.api.letsencrypt.org/directory \
  --domain '*.heykidhealth.com' --domain 'heykidhealth.com' \
  --email admin@heykidhealth.com \
  --agree-tos \
  --rsa-key-size 2048

It produced this output: I didn’t run the command

My web server is (include version): a static website (draft) in an AWS S3 bucket

The operating system my web server runs on is (include version): I don’t know, AWS manages this

My hosting provider, if applicable, is: AWS S3

I can login to a root shell on my machine (yes or no, or I don’t know): no, AWS prevents me from doing so

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): kind of, I use the S3 dashboard to do that, but I am not allowed to run OS commands

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): I’m willing to use docker and would pull the latest docker image from certbot/certbot in Docker Hub.

Lots of questions were asked and answered (some barely answered, I know). To clarify, this is the current scenario: I’m not experienced with OS or Let’s Encrypt commands, but I can deal with them with some assistance.

  1. My domain is registered in AWS Route 53 and there is a very simple (index.html) webpage in an AWS S3 bucket - very, very, very simple.
  2. My starting point is the DB server: the database provider (neo4j) requires me to install an SSL certificate in production in order to ensure encryption in transit, and suggested Let’s Encrypt for that.
  3. Besides the DB server, I want all API servers to run under https. I want to create a wildcard for my entire server fleet - databases, API, app load balancer and so on. And I want to use Docker to simplify my work. I found this tutorial to create a wildcard certificate with certbot & Docker.
  4. I know AWS accepts Let’s Encrypt certificates but there is no documentation or tutorial about how to implement wildcards there.

Basically I don’t know how or where to create the Web Challenge in a S3 bucket. It should be in this path http://heykidhealth.com/.well-known/acme-challenge/, however it seems not to be possible.

Anyway, I don’t know how to proceed and I need assistance.

Thanks in advance,
Renato


Hi @RenatoSPAKA

if you want to create a wildcard, DNS validation is required. So /.well-known/acme-challenge isn’t relevant.

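As an added illustration of the reply above (this is not code from the thread, from certbot or from AWS), the following shows what a dns-01 challenge for a wildcard actually asks you to publish, and the Route 53 change batch that publishes it. With `--manual --preferred-challenges dns`, certbot prints a TXT value for `_acme-challenge.heykidhealth.com`; that value is derived per RFC 8555 section 8.4 from the challenge token and the RFC 7638 thumbprint of the ACME account key, which is what `dns01_txt_value` computes here. The account key is the public RSA JWK from RFC 7638 section 3.1 (a published test vector, not a real Let's Encrypt account), the token is constructed, and the hosted zone ID is a placeholder; all three are assumptions for the example.

```python
"""
dns-01 for a wildcard: the TXT value certbot asks you to publish, and the
Route 53 change batch that publishes it.

Added example, not code from the original thread or from certbot.
"""
import base64
import hashlib
import json

# Public RSA JWK from RFC 7638 section 3.1: a published test vector, NOT a
# real ACME account key (certbot keeps yours under /etc/letsencrypt/accounts).
ACCOUNT_JWK = {
    "kty": "RSA",
    "n": "0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx4cbbfAAtVT86zwu1RK7a"
         "PFFxuhDR1L6tSoc_BJECPebWKRXjBZCiFV4n3oknjhMstn64tZ_2W-5JsGY4Hc5n9yBXArw"
         "l93lqt7_RN5w6Cf0h4QyQ5v-65YGjQR0_FDW2QvzqY368QQMicAtaSqzs8KJZgnYb9c7d0z"
         "gdAZHzu6qMQvRL5hajrn1n91CbOpbISD08qNLyrdkt-bFTWhAI4vMQFh6WeZu0fM4lFd2Nc"
         "Rwr3XPksINHaQ-G_xBniIqbw0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw",
    "e": "AQAB",
}

DOMAIN = "heykidhealth.com"
# Constructed token for illustration; certbot prints the real one per authorization.
SAMPLE_TOKEN = "constructed-token-for-illustration-only"
HOSTED_ZONE_ID = "Z0000000000000000000"  # placeholder, not a real zone ID


def b64url(data: bytes) -> str:
    """Base64url without padding, as JOSE and ACME require."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def jwk_thumbprint(jwk: dict) -> str:
    """RFC 7638 thumbprint: SHA-256 over only the required public members
    (e, kty, n for RSA), lexically ordered, serialized with no whitespace."""
    required = {k: jwk[k] for k in ("e", "kty", "n")}
    canonical = json.dumps(required, separators=(",", ":"), sort_keys=True)
    return b64url(hashlib.sha256(canonical.encode("utf-8")).digest())


def dns01_txt_value(token: str, jwk: dict) -> str:
    """RFC 8555 section 8.4: TXT value = base64url(SHA-256(token "." thumbprint))."""
    key_authorization = f"{token}.{jwk_thumbprint(jwk)}"
    return b64url(hashlib.sha256(key_authorization.encode("utf-8")).digest())


def challenge_record_name(domain: str) -> str:
    """Both *.example.com and the apex example.com are validated at
    _acme-challenge.example.com, so an order for both needs two TXT values
    on the same name at the same time (do not replace one with the other)."""
    return f"_acme-challenge.{domain.rstrip('.')}."


def route53_change_batch(domain: str, txt_values, action="UPSERT", ttl=60) -> dict:
    """Change batch for `aws route53 change-resource-record-sets --change-batch`.
    Route 53 requires each TXT value to be wrapped in double quotes."""
    return {
        "Comment": "ACME dns-01 challenge",
        "Changes": [{
            "Action": action,
            "ResourceRecordSet": {
                "Name": challenge_record_name(domain),
                "Type": "TXT",
                "TTL": ttl,
                "ResourceRecords": [{"Value": f'"{v}"'} for v in txt_values],
            },
        }],
    }


if __name__ == "__main__":
    # One value per pending authorization: here the wildcard and the apex.
    values = [dns01_txt_value(SAMPLE_TOKEN + "-wildcard", ACCOUNT_JWK),
              dns01_txt_value(SAMPLE_TOKEN + "-apex", ACCOUNT_JWK)]
    print("thumbprint:", jwk_thumbprint(ACCOUNT_JWK))
    print("aws route53 change-resource-record-sets --hosted-zone-id", HOSTED_ZONE_ID,
          "--change-batch", json.dumps(route53_change_batch(DOMAIN, values)))
```

Two practical notes. First, `--manual` only shows you the value; you still have to create the record in Route 53, wait for it to be resolvable (`dig +short TXT _acme-challenge.heykidhealth.com @ns-of-the-zone`), and remove it afterwards, and you repeat that on every renewal. certbot's dns-route53 plugin (the `certbot/dns-route53` image on Docker Hub) automates exactly this change-batch step with AWS credentials that are scoped to `route53:ChangeResourceRecordSets` on the one hosted zone, so it is the usual choice for a Route 53 domain. Second, the certificate certbot writes to `/etc/letsencrypt/live/<domain>/` is what you install on neo4j and the API servers; an S3 static website bucket does not terminate TLS on a custom domain at all, so the `.well-known/acme-challenge` path was never going to be the route for this setup.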
