To install Let’s Encrypt SSL on Amazon Linux 2, you can follow these steps:

1. Update your Amazon Linux 2 instance with the latest packages:

sudo yum update -y

2. Install the required dependencies:

sudo yum install -y mod_ssl python3 python3-pip

3. Install the Certbot client using pip3:

sudo pip3 install certbot

4. Allow HTTPS traffic in the firewall:

sudo firewall-cmd --zone=public --permanent --add-service=https
sudo firewall-cmd --reload

5. Request a certificate for your domain using Certbot:

sudo certbot certonly --standalone -d your-domain.com

6. Certbot will ask you to provide an email address for renewal notices and to agree to the Let’s Encrypt terms of service. After providing the required information, Certbot will generate a new SSL certificate and store it in /etc/letsencrypt/live/your-domain.com/.
7. Once the certificate is generated, you need to configure your web server to use it. Open the Apache configuration file for your domain:

sudo nano /etc/httpd/conf.d/your-domain.com.conf

8. Add the following lines to the file, replacing your-domain.com with your domain name:

<VirtualHost *:80>
    ServerName your-domain.com
    Redirect permanent / https://your-domain.com/
</VirtualHost>

<VirtualHost *:443>
    ServerName your-domain.com
    SSLEngine on
    SSLCertificateFile /etc/letsencrypt/live/your-domain.com/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/your-domain.com/privkey.pem
    SSLProtocol all -SSLv2 -SSLv3
    SSLCipherSuite HIGH:!aNULL:!MD5
    DocumentRoot /var/www/html
</VirtualHost>

9. Save and close the file, then restart Apache:

sudo systemctl restart httpd

That’s it! Your website should now be accessible over HTTPS using the Let’s Encrypt SSL certificate.