The Amazon Lightsail documentation walks through the creation of a wildcard SSL certificate using Let's Encrypt. Unfortunately, the final step of the tutorial says to manually renew your certificate every 90 days.
What if you want to have it renew automatically?
If you try to run the certbot renew
command via a cron job it will fail. The wildcard certificate validation process requires a change to your DNS records and this is not something certbot
handles out-of-the-box.
You have a few options to create an automated solution: