« »
3/08/2017

How to issue and renew Let's Encrypt certificates with OVH DNS API

Acme.sh

First thing first, download and install acme.sh.


Create OVH Application

Open https://eu.api.ovh.com/createApp/.


How to issue a Let's Encrypt free SSL certificate

# application key
export OVH_AK="APPLICATION_KEY"
# application secret
export OVH_AS="APPLICATION_SECRET"

acme.sh --issue -d mydomain.net -d sub1.mydomain.net -d sub2.mydomain.net --dns dns_ovh

If you run this command for the first time you will have to authenticate.


How to renew a Let's Encrypt free SSL certificate

# application key
export OVH_AK="APPLICATION_KEY"
# application secret
export OVH_AS="APPLICATION_SECRET"

acme.sh --renew -d mydomain.net -d sub1.mydomain.net -d sub2.mydomain.net --dns dns_ovh

What to do in case of INVALID_CREDENTIALS or invalid domain error

If you have this error:

[Wed Mar  8 12:28:08 CET 2017] invalid domain
[Wed Mar  8 12:28:08 CET 2017] Error add txt for domain:_acme-challenge.mydomain.net

Or this error:

[Wed Mar  8 12:28:08 CET 2017] INVALID_CREDENTIALS

I had these issues because I manage multiple domains over multiple OVH account and acme.sh currently does not handle this.

To resolve these issues, edit and remove everything related to the OVH API (OVH_AK and OVH_AS) in the file below:

nano ~/.acme.sh/account.conf

Other issues

Try to follow the guide.

« »
 
 
Made with on a hot august night from an airplane the 19th of March 2017.