acme-lambda-renewal

I’d been looking for a way to renew my Let’s Encrypt TLS/SSL certificates via AWS Lambda (using DNS authentication by updating Route 53) rather than web authentication. This project started because I wanted to separate my mail server from my web server. While I suppose I could run Apache (or whatever) on the mail server just to be able to request certificates, that seems kind of silly, and this sort of automatic run-a-piece-of-code-occasionally scenario seemed like the perfect chance to use AWS Lambda.

I expected this to be a common & solved problem, but in my searching around the Internet I didn’t really see exactly what I was looking for. There were some solutions out there, but they seemed overly complicated for just “renew my certificates every two months”, and some were out of date (not even updated to the ACME v2 protocol). So I figured I’d need to write at least some code myself.
