I assume that you can login to Amazon Linux 2 AMI console.
Once you login there, type the below command to find where are host file configuration:

#apachectl -S

go to /etc/httpd/conf.d/ as I can see the hosts file are setup under that folder.

# cd /etc/httpd/conf.d/

# ls -al
You will see all the domains that are setup. Now for example you need to setup a domain test.arzerin.com
So, what you will have to do is create 2 files, one for http (80) & another one for https (443).

#nano test.arzerin.com.conf

WRITE AS BELOW Type in the File:
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –

<VirtualHost *:80>
ServerAdmin webmaster@commcaster.com
DocumentRoot “/var/www/test”
ServerName test.arzerin.com
ErrorLog “/var/log/httpd/test.arzerin.com-error_log”
CustomLog “/var/log/httpd/test.arzerin.com-access_log” common
RewriteEngine on
RewriteCond %{SERVER_NAME} =admin.commcaster.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
<Directory “/var/www/test/”>
Options All
AllowOverride All
Require all granted
</Directory>
<Location />
Options +Indexes +FollowSymLinks +MultiViews +ExecCGI +SymLinksIfOwnerMatch
AllowOverride All
require all granted
</Location>
</VirtualHost>

#nano test.arzerin.com-le-ssl.conf

WRITE AS BELOW Type in the File:
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –

<IfModule mod_ssl.c>

<VirtualHost *:443>
ServerAdmin webmaster@commcaster.com
DocumentRoot “/var/www/test”
ServerName test.arzerin.com
ErrorLog “/var/log/httpd/test.arzerin.com-error_log”
CustomLog “/var/log/httpd/test.arzerin.com-error_log” common
Include /etc/letsencrypt/options-ssl-apache.conf
<Directory “/var/www/test/”>
Options All
AllowOverride All
Require all granted
</Directory>
<Location />
Options +Indexes +FollowSymLinks +MultiViews +ExecCGI +SymLinksIfOwnerMatch
AllowOverride All
require all granted
</Location>

</VirtualHost>
</IfModule>

To Install SSL for this domain, type the below command:
#sudo certbot

You will see something like this:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache

Which names would you like to activate HTTPS for?
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
1: www.arzerin.com
2: test.arzerin.com
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter ‘c’ to cancel):

Type 2, press Enter.

Your website SSL will be installed.

Sometime SSL expired, inn order to keep the SSL always renewed set the below by typing crontab -e :
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –

39 1,13 * * * root  certbot renew –no-self-upgrade
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –

To Know more about certbot, you can read it from here: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/SSL-on-amazon-linux-2.html#letsencrypt
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/SSL-on-amazon-linux-2.html
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hosting-wordpress.html