Get Google API Key

Login to your GCP console panel and go to the Public Certificate Authority API administration page.

Start Cloud Shell

gcloud services enable

Enter the following to check the item, you can skip this step if you only have one item, it will be automatically set as the only item:

gcloud config set project [project ID]

Get the API Key

gcloud beta publicca external-account-keys create

The pop-up window, when clicked on to authorize, returns a message in the following format for the record:

Created an external account key
[b64MacKey: xxxxxxxxxxxxxxxxxxxxxxx
keyId: xxxxxxxxxxxxxxx]

Setting Google public certificate authorization  --register-account -m [YOUR_EMAIL] --server google \
    --eab-kid [keyId] \
    --eab-hmac-key [b64MacKey]

Setting default CA server --set-default-ca --server google --accountconf /root/

Issuance of certificates

(RSA) --issue --dns -d [] -d [*] --accountconf /root/

(ECC) --issue --dns -d [] -d [*] --keylength ec-256 --accountconf /root/