I have an Ubuntu 20.04 server on an AWS EC2 instance running Apache and I'm trying to obtain a certificate using certbot, however I'm having trouble with credentials. Below is the command I run, followed by the error output:
user@address:~$ sudo certbot certonly --dns-route53 --dns-route53-propagation-seconds 30 -d mydomain.com -d *.mydomain.com -i apacheSaving debug log to /var/log/letsencrypt/letsencrypt.logPlugins selected: Authenticator dns-route53, Installer apacheObtaining a new certificatePerforming the following challenges:dns-01 challenge for mydomain.comdns-01 challenge for mydomain.comCleaning up challengesUnable to locate credentialsTo use certbot-dns-route53, configure credentials as described at https://boto3.readthedocs.io/en/latest/guide/configuration.html#best-practices-for-configuring-credentials and add the necessary permissions for Route53 access.I've followed the below guides:
- https://certbot.eff.org/lets-encrypt/ubuntufocal-apache.html (wildcard tab, up to step 6)
- https://certbot-dns-route53.readthedocs.io/en/stable/ (created an IAM policy and applied it to a new user)
and chosen to set the credentials using environment variables:
$ export AWS_ACCESS_KEY_ID=<id>$ export AWS_SECRET_ACCESS_KEY=<secret>When I use $ printenv AWS_ACCESS_KEY_ID and $ printenv AWS_SECRET_ACCESS_KEY I am shown the credentials on screen, so I don't understand why certbot is unable to locate them.
Any ideas?