Enable the Extra Packages for Enterprise Linux (EPEL).
$ sudo yum-config-manager --enable epel
Download the latest release of Certbot from EFF onto your EC2 instance using the following command.
$ wget https://dl.eff.org/certbot-auto
Make the downloaded file executable.
$ chmod a+x certbot-auto
Run the file with root permissions and the --debug flag.
$ sudo ./certbot-auto --debug
It throws the following error:
./certbot-auto: line 864: virtualenv: command not found
To fix this error:
Create a symlink.
$ sudo ln -s /usr/bin/virtualenv-2.7 /usr/local/bin/virtualenv
Add /usr/local/bin to the sudo path.
$ sudo visudo
add /usr/local/bin to the secure_path variable
Run the file again.
$ sudo ./certbot-auto --debug
Follow the process.
Configure Automated Certificate Renewal
Open /etc/crontab in a text editor.
$ sudo nano /etc/crontab
Add the following line:
39 1,13 * * * root /home/ec2-user/certbot-auto renew --no-self-upgrade
Restart the cron daemon:
$ sudo service crond restart
Sources:
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/SSL-on-an-instance.html#letsencrypt
https://github.com/certbot/certbot/issues/2074