Google Domains / DNS without GPC so only API-key token

I'm trying to figure out how to configure a credential JSON file or parameter --dns-google-credentials for Certbot without having to subscribe to GPC. All I have for credentials are the API-key tokens associated with each domain name that I received from the security section of my Google domain portal. Is there a format to include it directly as a parameter or how do I include just that in a JSON file?

I'm afraid you can't use the certbot-dns-google plugin for "Google Domains". Even, the ACME client with I think the most amount of DNS plugins available, doesn't have a Google Domains plugin.

I see the lego ACME client does have Google Domains support: Google Domains :: Let’s Encrypt client and ACME library written in Go.

If you don't want to switch Certbot to lego, you could use the third party Certbot DNS plugin build by our own @_az certbot-dns-multi, which uses lego under the hood.


Lego hasn’t made a new release since that provider was merged. It’ll be in the next version of the plug-in.


Ah, I didn't realise Google Domains was added just last week!

I'm not familair with the release cadence of lego, but maybe they can make a new release soon.


There is always the "CNAME to some other DNS service [including your own IP]" workaround.



for some guidance on rg305's suggestion


I presume you're using linux? Certify The Web and Posh-ACME both have a new Google Domains provider but they're mostly useful on Windows.

For certbot you probably want this plugin instead: GitHub - aaomidi/certbot-dns-google-domains: Google Domains plugin for Certbot.

Google Domains is fundamentally different from Google Cloud DNS, and Google Domains is quite unique in that they provide an API that's only for DNS challenges using ACME.


DNS api for google domains is available here


Did you create this before the one that's emerging here by Alex Leigh?

I don't know if you've seen it. It's on the second page and not in the directory yet.
Are there feature differences?

1 Like

Thanks Osiris,
It's hard to find but on does have a Plugin, but it's still not listed in the directory. It seems to work well.
157. Use Google Domains DNS API
I tried the legos option
but I noticed the version is "since:" 4.11.0 and the current is v4.10.2

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

A late update: lego released v4.11.0 today and certbot-dns-multi now supports Google Domains.