
I'm writing a script to automate Let's Encrypt in PowerDNS (this is a simple bash shell script to be run on Debian).

Certbot runs and calls the script, feeding to it the variable: $CERTBOT_VALIDATION

I read a thread already here which shows the need for '"content"' – notice the single quote ' and the double quote ". (I've tried this in a different iteration of the code to no avail.) I'm struggling to output the expanded variable inside quotes; here is one way I tried:

pdnsutil add-record Example.com _acme-challenge txt 120 "\"%s\""  "$CERTBOT_VALIDATION"

However, to output that from bash, I must add a \ before the ".

I want the output command to be as follows:

 pdnsutil add-record Example.com _acme-challenge txt 120 "content"

What is the best way to do this?

Whatever is currently being output is erroring with:

Error: Parsing record content (try 'pdnsutil check-zone'): Data field in DNS should start with quote (") at position 0 of ''yXtgt_2vlnrF7j2V-eTJZuSjXbswsGN97TQ0Zp3IynM''
  • What is wrong with escaping double quotes ... ? Commented Apr 5, 2020 at 2:02
  • What language is your script?
    – L.Ray
    Commented Apr 5, 2020 at 2:09
  • Quoting is hard, but I feel that you’re making it harder than you need to. I also feel that you’re not telling us everything — maybe because you think it’s too obvious? Are you trying to run a command, or are you writing a script whose job is to create a second script? You say, “I want the output command to be as follows”, and show a line that doesn’t have any single quotes in it — so why are you even talking about single quotes? It looks like you have a solution; why isn’t it good enough? What do you need help with? Commented Apr 5, 2020 at 4:00
  • Please do not respond in comments; edit your question to make it clearer and more complete. Commented Apr 5, 2020 at 4:00

1 Answer


I'll provide an update as a potential answer for anyone who comes across this in the future.

When running the certbot command:

certbot certonly --manual --preferred-challenges=dns --manual-auth-hook /etc/letsencrypt/customScripts/authenticator.sh -d *.example.com --dry-run

the script authenticator.sh is now:

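#!/bin/bash
# Certbot exports the DNS-01 token to this hook as CERTBOT_VALIDATION.
# PowerDNS wants TXT content wrapped in literal double quotes.
new='"'
new2=$new$CERTBOT_VALIDATION$new
# Quote the expansion so the value reaches pdnsutil as one unmodified argument
pdnsutil add-record example.com _acme-challenge txt 120 "$new2"
echo "$new2" > output.log
# Sleep to make sure the change has time to propagate over to DNS
sleep 25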

This works, concatenating the variables as strings to add the double quotes. output.log shows the variable was:

cat output.log 
"RipQQbHO5pG95nzJjouCgTXJMrGTbLKQ5XsV5Zgn7uI"

and certbot reports:

certbot certonly --manual --preferred-challenges=dns --manual-auth-hook /etc/letsencrypt/customScripts/authenticator.sh -d *.example.com --dry-run
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Obtaining a new certificate
Performing the following challenges:
dns-01 challenge for example.com

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
NOTE: The IP of this machine will be publicly logged as having requested this
certificate. If you're running certbot in manual mode on a machine that is not
your server, please ensure you're okay with that.

Are you OK with your IP being logged?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: y
Output from authenticator.sh:
RipQQbHO5pG95nzJjouCgTXJMrGTbLKQ5XsV5Zgn7uI
New rrset:
_acme-challenge.example.com. IN TXT 120 "RipQQbHO5pG95nzJjouCgTXJMrGTbLKQ5XsV5Zgn7uI"

Error output from authenticator.sh:
Apr 05 10:51:41 Reading random entropy from '/dev/urandom'
Apr 05 10:51:41 gmysql Connection successful. Connected to database 'pdns' on '127.0.0.1'.
Apr 05 10:51:41 gmysql Connection successful. Connected to database 'pdns' on '127.0.0.1'.

Waiting for verification...
Cleaning up challenges

IMPORTANT NOTES:
 - The dry run was successful.

So this seems to have solved it.
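
The same quoting done in one step, as an added example that is not part of the original answer: printf applies the "%s" format to wrap the token in literal double quotes, and the token is checked against the 43-character base64url shape of a dns-01 validation value before it reaches pdnsutil. The ZONE variable and the function names are assumptions made for illustration.

```bash
#!/bin/bash
# Added example (not from the original post): certbot auth hook for PowerDNS.
# Assumptions: ZONE is a hypothetical variable naming the zone to update
# (defaults to example.com as in the answer); function names are illustrative.

LC_ALL=C   # make the A-Z / a-z ranges below byte-based, independent of locale

# Print the token wrapped in literal double quotes, as PowerDNS expects for
# TXT content. Returns 1 for anything that is not 43 base64url characters
# (an unpadded SHA-256 digest), so a malformed value is never passed on.
txt_content() {
    case $1 in
        ''|*[!A-Za-z0-9_-]*) return 1 ;;
    esac
    [ "${#1}" -eq 43 ] || return 1
    printf '"%s"' "$1"
}

# Add the _acme-challenge TXT record to zone $1 using token $2.
add_challenge() {
    _content=$(txt_content "$2") || return 1
    # "$_content" is quoted so the shell passes it as a single argument with
    # the embedded double quotes intact; no backslash escaping is needed.
    pdnsutil add-record "$1" _acme-challenge txt 120 "$_content"
}

# Run only when certbot invokes the hook, which exports CERTBOT_VALIDATION.
if [ -n "${CERTBOT_VALIDATION:-}" ]; then
    if ! add_challenge "${ZONE:-example.com}" "$CERTBOT_VALIDATION"; then
        echo "refusing to add record: unexpected token or pdnsutil error" >&2
        exit 1
    fi
    # Same propagation delay as the answer's script
    sleep 25
fi
```
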
