I have used letsencrypt’s certbot for creating certs for my domains. I have to download certbot and run in my machine and it gives a string to be placed in as dns record. I have to manually add the dns record. Then the certbot will verify it and generate my cert. I thought the process was cool compared to previously hectic process of CSR generation, pay the CA, wait for CA etc
But today I setup a GSuite account for one of my sites. I type my domain name and click verify. They automatically add dns record and verify it, I just have to give them permission by clicking ok when my domain registrar asks me whether I allow google to do this.
Why not letsencrypt work that way? Its fast and no manual work