This is the commonly used method for manually renewing Let’s Encrypt SSL on AWS Lightsail with CentOS.
Prerequisites
• The domain (e.g., minoworks.net) must currently point to your server’s IP
• Certbot must be installed on the server (refer to Certbot documentation for installation steps)
• You must have permission to edit DNS records (DNS hosting console or API access)
Commands used for manual renewal
# Check currently installed certificates
sudo certbot certificates
# Delete existing SSL certificate
sudo certbot delete --cert-name minoworks.net
# Reconfigure certificate issuance
sudo certbot certonly --manual --preferred-challenges=dns -d minoworks.net -d www.minoworks.net
# Set DNS TXT records
_acme-challenge.minoworks.net.
_acme-challenge.www.minoworks.net.
# Restart server
sudo /opt/bitnami/ctlscript.sh restart