Every time I’ve ever interacted with Let’s Encrypt, I’ve learned all about the new way local Python was inadequate, and this time when I run the script, it’s throwing up its hands and talking about how Amazon Linux is ‘very experimental’. But I don’t need any of these frills, because I have a perfectly valid certificate – all I need is a renewal.
Are there any alternate routes to prove I control the domain? Because setting a specialty A record would be somewhat easier than exploring the wide variances in Python 2.7.
You’ll need some kind of software that’s capable of speaking the ACME protocol for each renewal, there’s really no way around that. It doesn’t necessarily have to run on the server you’re using the certificate on, but unless you want to handle renewal manually every three months or manage dedicated certificate management infrastructure, that’ll be the easiest option.
There are a number of other ACME clients that you can choose from, certbot is just one option. Many of them have little to no dependencies and run on pretty much anything that resembles a Linux/Unix distribution released in the past 5 years - the bash clients tend to be a good fit for that scenario, as is Lego.
Could you provide the commands you are running. If you are looking for stability I would suggest adding the the switch below. to stop automatic upgrades
–no-self-upgrade (certbot-auto only) prevent the certbot-auto script
from upgrading itself to newer released versions
(default: Upgrade automatically)
As @pfg mentioned there are other clients apart from certbot which may give you more granular control
up to you to go back to the scratch board figure out what your desired experience is and how to choose a client that matches that experience.