search

dehydrated-io / dehydrated

letsencrypt/acme client implemented as a shell-script – just add water
https://dehydrated.io
MIT License
5.96k stars 716 forks source link

Add support for Google Trust Services ACME #905

Open Exagone313 opened 1 year ago

Exagone313 commented 1 year ago

Hello,

Google released their own ACME implementation (which is part of Google Trust Services). It uses EAB authentication like ZeroSSL. It is available as part of Google Domains (for no additional costs).

There is a blog post here that talks about it, and a help page here.

I think dehydrated supports it already, but it could be added as a preset. I haven't checked yet if it works out of the box.

Also, they made their own API to update __acme-challenge TXT records for DNS-01 (which is mostly documented here) but I don't think this is in the scope of dehydrated.

prices commented 1 year ago

As a reference here is the certbot plugin:

https://github.com/aaomidi/certbot-dns-google-domains

I would also like to see this. I have been using dehydrated for a long time, but now have moved my domains to Google.

prices commented 1 year ago

I created a hook for it: https://github.com/prices/dehydrated_hooks

At this point it is a quick and dirty hack in nodejs.

Dehydrated devs, you are welcome to add this to the list of hooks documentation. Thanks!