I just published a blog post about the steps necessary to deploy Certbot inside AWS Lambda and thought I would share here as well:
For fully serverless websites it’s the only way to have automatically renewed certificates, and even for regular website setups I think it’s a very appealing option for all the usual serverless benefits - low/no maintenance.
Pretty cool, I love uses of serverless for things like this.
It could also be generalized for central distribution of certificates, e.g. uploading them into S3 and allowing downstream services to just download them on a schedule.
Is there any particular motivation for wanting to import Let’s Encrypt certificates into ACM, rather than relying on the free, long duration and automatically renewing DV certificates built into ACM?
Does ACM support that? When I originally tried it, it only supported email verification.
If it does support it now then that would also be a perfectly valid approach, although I’m very fond of LetsEncrypt and how it’s pushed the industry, so I’d still prefer to use it.
ACM supports magic DNS validation now. You set a CNAME record with a special name and value, they'll issue the certificate, and automatically renew (as long as it's in use).