HEX
Server: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
System: Linux ip-172-31-40-18 4.14.146-93.123.amzn1.x86_64 #1 SMP Tue Sep 24 00:45:23 UTC 2019 x86_64
User: apache (48)
PHP: 5.6.40
Disabled: NONE
$ pwd: /usr/local/ngfot/letsencrypt/certbot-dns-route53/
Upload Files
File: //usr/local/ngfot/letsencrypt/certbot-dns-route53/README.md
## Route53 plugin for Let's Encrypt client

### Before you start

It's expected that the root hosted zone for the domain in question already
exists in your account.

### Setup

1. Create a virtual environment

2. Update its pip and setuptools (`VENV/bin/pip install -U setuptools pip`)
to avoid problems with cryptography's dependency on setuptools>=11.3.

3. Make sure you have libssl-dev and libffi (or your regional equivalents)
installed. You might have to set compiler flags to pick things up (I have to
use `CPPFLAGS=-I/usr/local/opt/openssl/include
LDFLAGS=-L/usr/local/opt/openssl/lib` on my macOS to pick up brew's openssl,
for example).

4. Install this package.

### How to use it

Make sure you have access to AWS's Route53 service, either through IAM roles or
via `.aws/credentials`. Check out
[sample-aws-policy.json](examples/sample-aws-policy.json) for the necessary permissions.

To generate a certificate:
```
certbot certonly \
  -n --agree-tos --email DEVOPS@COMPANY.COM \
  --dns-route53 \
  -d MY.DOMAIN.NAME
```
@ Telegram