You might have ran into the problem where you can still buy a 3 year (or 2) SSL certificate, but you have to renew it each year.
It's pretty simple still (assuming you know your way around SSH commands to your AWS instance).
- Generate your private key: sudo openssl genrsa -out server.key
Or if you have your private key from when you last did this, use that one!
- Take your private key and generate your CSR: sudo openssl req -new -key server.key -out csr2022.pem
- Open the file (in this case csr2022.pem) and paste/upload that into your SSL provider where they are asking for your CSR.
- You will then get your new SSL certificate and be able to upload that to your sever and update any links in your ssl.conf file.
- Then restart your httpd daemon and be done.
To see a full "how to" can be found here: https://www.thesslstore.com/knowledgebase/ssl-generate/amazon-ec2-aws/