Verification Issues Renewing Let’s Encrypt Free SSL On AWS Light Sail

Having trouble renewing your free SSL on Amazon's Lite Sail service? I had many frustrations trying to accomplish this.

First open up your terminal window on the Light Sail Instance

Run the following command:

sudo certbot -d glsautoparts.com -d www.glsautoparts.com --manual --preferred-challenges dns certonly

Amazon AWS Lightsail SSL Renewal Example Terminal Commands

This will return two values you have to enter at your domain registrar and add a TXT record.

GoDaddy-Example-TXT-Record

When checking propagation you need to use when searching for the TXT record the following values:

_acme-challenge.www.glsautoparts.com

_acme-challenge.glsautoparts.com

If you use just your domain name (glsautoparts.com) it will return SPF records.

Once they have propagated then you can stop and start apache using the commands below. Rebooting the instance doesn't always work and loads the Apache2 start page.

sudo service apache2 stop
sudo /opt/bitnami/ctlscript.sh start apache