Go to https://api.ovh.com/console/ and create a new API key with these rights (replace domain.ltd with your domain managed at OVH):
GET /domain/zone/
GET /domain/zone/domain.ltd/status
GET /domain/zone/domain.ltd/record
GET /domain/zone/domain.ltd/record/*
POST /domain/zone/domain.ltd/record
POST /domain/zone/domain.ltd/refresh
DELETE /domain/zone/domain.ltd/record/*
Create an ovhapi
file with this content:
dns_ovh_endpoint = ovh-eu
dns_ovh_application_key = your-application-key
dns_ovh_application_secret = your-application-secret
dns_ovh_consumer_key = your-consumer-key
Then launch this:
docker run -i --rm --name certbot \
-v "/etc/letsencrypt:/etc/letsencrypt" \
-v "/var/lib/letsencrypt:/var/lib/letsencrypt" \
-v "/path/to/ovhapi-file:/.ovhapi" certbot/dns-ovh certonly \
--dns-ovh --dns-ovh-credentials /.ovhapi \
--non-interactive --agree-tos \
--email user@domain.ltd \
-d domain.ltd -d *.domain.ltd
You will find your wildcard certificates on /etc/letsencrypt
folder of your machine.