If you use Let’s Encrypt, or any public CA, all of your domains and certificates will be public. You can use a wildcard to avoid revealing subdomains. There is a website that you can use to search what is available, but I don’t remember what it is.
I suspect there aren’t any serious risks to having that information revealed. The only real reason would be privacy against which services you are using on that domain.
Doesn’t Amazon just use RHEL as base for their image already?