Now let’s try to automate the certificate generation. For this I am going to refer to a post published on pbxhacks.com. Please do exercise caution when you try the scripts below as they will change all the TXT records in your domain.
The --manual-auth-hook and --manual-cleanup-hook options in certbot can be used to add the TXT record and to delete it once the DNS challenge is completed.
auth.sh
This script will add the TXT record and wait until that record is available to be verified.
cleanup.sh
Changes the TXT record name since GoDaddy does not have a delete API.
run.sh
Runs Certbot.
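The auth.sh step described above, as an added sketch (not the pbxhacks.com script and not code from this post): it writes the challenge value through GoDaddy's per-name record endpoint, which replaces only the TXT records with that name, and then polls DNS until the value is visible. The variable names ZONE, GODADDY_KEY, GODADDY_SECRET and POLL_INTERVAL are assumptions; CERTBOT_DOMAIN and CERTBOT_VALIDATION are exported by certbot to manual hooks.

```shell
#!/bin/sh
# Added sketch of an auth hook; certbot exports CERTBOT_DOMAIN and CERTBOT_VALIDATION.
# ZONE, GODADDY_KEY, GODADDY_SECRET and POLL_INTERVAL are assumed names set by the caller.

# Record name relative to the zone: example.com -> _acme-challenge,
# www.example.com -> _acme-challenge.www. Fails if the domain is outside the zone.
record_name() {  # $1 = certificate domain, $2 = zone
  case "$1" in
    "$2")   printf '%s\n' "_acme-challenge" ;;
    *".$2") printf '%s\n' "_acme-challenge.${1%."$2"}" ;;
    *)      echo "domain $1 is not inside zone $2" >&2; return 1 ;;
  esac
}

# JSON body for one TXT record; DNS-01 values are base64url, so no escaping is needed.
txt_body() {  # $1 = validation value
  printf '[{"data":"%s","ttl":600}]' "$1"
}

# Replace only the TXT records with this name, not every TXT record in the zone.
put_txt() {  # $1 = zone, $2 = record name, $3 = validation value
  curl -fsS -X PUT "https://api.godaddy.com/v1/domains/$1/records/TXT/$2" \
    -H "Authorization: sso-key ${GODADDY_KEY}:${GODADDY_SECRET}" \
    -H "Content-Type: application/json" -d "$(txt_body "$3")"
}

lookup_txt() { dig +short TXT "$1"; }  # kept separate so it can be stubbed offline

# Poll until the expected value is visible; give up after $3 attempts.
wait_for_txt() {  # $1 = FQDN, $2 = expected value, $3 = max attempts
  n=0
  while [ "$n" -lt "$3" ]; do
    lookup_txt "$1" | grep -qF "\"$2\"" && return 0
    n=$((n + 1))
    sleep "${POLL_INTERVAL:-10}"
  done
  return 1
}

# Only act when certbot invoked this file as a hook.
if [ -n "${CERTBOT_DOMAIN:-}" ] && [ -n "${CERTBOT_VALIDATION:-}" ]; then
  name=$(record_name "$CERTBOT_DOMAIN" "$ZONE") || exit 1
  put_txt "$ZONE" "$name" "$CERTBOT_VALIDATION" || exit 1
  wait_for_txt "_acme-challenge.$CERTBOT_DOMAIN" "$CERTBOT_VALIDATION" 30 || exit 1
fi
```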
Obtaining the Certificates
Execute run.sh with the domain to generate the certs. When testing the scripts, pass the --staging flag to the certbot command so that you do not get blacklisted.
ZeroSSL is an online tool that can generate the certs for you. With ZeroSSL you do not have to install anything on your machine, but bear in mind that your private keys will be exposed to a third party when you use it.