Certbot DNS authenticator for Google Domains
A Certbot DNS Authenticator for Google Domains.
Option | Description |
---|---|
--authenticator dns-google-domains |
Select this authenticator plugin. |
--dns-google-domains-credentials FILE |
Path to the INI file with credentials. |
--dns-google-domains-propagation-seconds INT |
How long to wait for DNS changes to propagate. Default = 30s. |
--dns-google-domains-zone STRING |
What the registered domain on Google domains is. Default: Retrieved from either the credentials file, or by using the public suffix list to guess. |
The credentials file includes the access token for Google Domains.
dns_google_domains_access_token = abcdef
Optionally, you can also define the zone in this file.
dns_google_domains_access_token = abcdef
dns_google_domains_zone = example.com
docker run \
-v '/var/lib/letsencrypt:/var/lib/letsencrypt' \
-v '/etc/letsencrypt:/etc/letsencrypt' \
--cap-drop=all \
ghcr.io/aaomidi/certbot-dns-google-domains:latest \
certbot certonly \
--authenticator 'dns-google-domains' \
--dns-google-domains-credentials '/var/lib/letsencrypt/dns_google_domains_credentials.ini' \
--server 'https://acme-v02.api.letsencrypt.org/directory' \
--non-interactive \
--dns-google-domains-zone 'example.com' \
-d 'a.example.com'
Notes:
-v '/var/lib/letsencrypt:/var/lib/letsencrypt'
is where certbot by default outputs certificates, keys, and account information.-v '/etc/letsencrypt:/etc/letsencrypt'
is where certbot keeps its configuration.--authenticator 'dns-google-domains'
uses the dns-google-domains authenticator.--dns-google-domains-credentials '/var/lib/letsencrypt/dns_google_domains_credentials.ini'
is the path to the credentials file.--dns-google-domains-zone 'example.com'
is the main domain you have registered with Google domains. This is optional.You can get the certbot-dns-google-domains
package from PyPi:
pip3 install certbot certbot-dns-google-domains
certbot certonly \
--authenticator 'dns-google-domains' \
--dns-google-domains-credentials '/var/lib/letsencrypt/dns_google_domains_credentials.ini' \
--server 'https://acme-v02.api.letsencrypt.org/directory' \
--dns-google-domains-zone 'example.com' \
-d 'a.example.com'
Note: If you have installed Certbot from a non-pip3 source, the certbot-dns-google-domains plugin might not be compatible with your existing Certbot installation. In this case, consider using pip3 to install Certbot and its plugins to ensure compatibility.
brew install certbot
$(brew --prefix certbot)/libexec/bin/pip3 install certbot-dns-google-domains
Google Domains does not provide an API to obtain the zone for a domain based on a subdomain. This plugin employs the following logic to determine the zone:
--dns-google-domains-zone
argument is specified, use that.