Using Let’s Encrypt is very simple for standalone Nginx or Apache configs, but what if you want to use a Let’s Encrypt certificate on Amazons’s CloudFront? Well, that’s where things can get tricky, but here are the steps:
- Create a manual certificate and upload the
acme-challengefiles
sudo letsencrypt-auto certonly --manual -d example.com -d www.example.com
- Upload the certificate to CloudFront
cd /etc/letsencrypt/live/www.example.com &&
aws iam upload-server-certificate \
--server-certificate-name Name-in-dropdown \
--certificate-body file://fullchain.pem \
--private-key file://privkey.pem \
--path /cloudfront/
- Choose your new certificate
Name-in-dropdownin your distribution settings.