Present a possession of your domain 3. Request LE to issue a certificate 4. Download the certificate 5. Renew the certificate periodically within 90 days All things CAN be automated via RESTful API All things MUST be automated, or you will be stuck
by AWS Lambda • State-less architecture by AWS S3 • Server-side-Encryption by AWS S3 SSE-KMS • Server-less domain validation by AWS Route53 • ChatOps integration by AWS API Gateway No server, No state, fully automated and Secure It’s super cool...
FREE FREE Application No limitation ELB and CloudFront Type DV certificate DV certificate Period 3 months 13 months Wildcard certificate Not Available Available Multiple domains (SAN) Available Available Validation methods HTTP, DNS Email Certificate algorithm RSA 2048, 4096 bits ECDSA (P-256, …?) RSA 2048 bits