My domain is: 66c.dev
I ran this command:
domains: - '*.66c.dev' certfile: fullchain.pem keyfile: privkey.pem challenge: dns dns: provider: dns-google google_creds: google.json
It produced this output:
Plugins selected: Authenticator dns-google, Installer None Obtaining a new certificate Performing the following challenges: dns-01 challenge for 66c.dev Attempting refresh to obtain initial access_token Refreshing access_token Cleaning up challenges Attempting refresh to obtain initial access_token Refreshing access_token Error finding zone. Skipping cleanup. Unable to determine managed zone for 66c.dev using zone names: ['66c.dev', 'dev'].
My web server is (include version):
Home Assistant 0.114.4
The operating system my web server runs on is (include version):
Ubuntu 20.04.1 LTS
My hosting provider, if applicable, is:
DynDNS off a local server, updating Google Domains via ddclient
I’m trying to route _acme-challenge only to Google Cloud DNS via a CNAME pointing at
ns-cloud-a1.googledomains.com. In Cloud DNS, I’ve created a public record for _acme-challenge.66c.dev with data:
google.json has an appropriately scoped role account set up.
I can login to a root shell on my machine (yes or no, or I don’t know):
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you’re using Certbot):
I’m especially unsure about what the heck I’m up to with the Google Domains -> Google DNS routing (I can’t do the whole record, because then ddclient can’t auto update the synthetic A record anymore; I want to route the challenge subdomain only).
Thanks in advance!
Sneaky edit: I have a working Let’s Encrypt SSL cert deployed at the moment, but it’s only on the top domain (not the *.). For some reason I decided to try the new HA plugin tooling and a new challenge method at the same time.