How do I switch the authentication method to enable auto renew in the future?
btw, I would prefer that the path doesn't change where the cert and key is located because some applications I use, use the exact path. I don't know if this is important because you mentiont that there is a -0001 in the name.
The path usually only changes if/when you use a similar (but not exact same) set of domain names.
So, I suspect that at some point you had another cert with less, or more, name(s) on it.
You basically reissue/renew the cert; that will record that method used into the renewal process file.
That said, I see that you got a wildcard cert.
Wildcard certs can only be authenticated via DNS.
If your DNS Service Provider (DSP) doesn't support DNS updates via API, you won't be able to automate renewals that way and won't be able to automate the wildcard entry.
If that is the case, you might consider spelling out all the names that you actually need - LE certs can hold up to 100 names in the SAN field.
If the DSP does support updates via API, then you will need to use an ACME client that supports a plugin that works with that DSP.
certbot certonly \
> --dns-ovh \
> --dns-ovh-credentials ~/.secrets/certbot/ovh.ini \
> -d noobs.fun \
> -d *.noobs.fun
certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ...
Certbot can obtain and install HTTPS/TLS/SSL certificates. By default,
it will attempt to use a webserver both for obtaining and installing the
certbot: error: unrecognized arguments: --dns-ovh-credentials /root/.secrets/certbot/ovh.ini
Why does it not know the '--dns-ovh-credentials' command?
Looking at the ancient version of certbot you're currently running, you installed it using apt. You can check by running apt list certbot.
If you indeed used apt go install certbot, I recommend to switch to snap using the official certbot documentation for wildcard certificates here: Certbot - Ubuntubionic Nginx In the instructions, it has a step where you should remove the certbot installed using apt and continue using snap.
At the step where I install certbot with sudo snap install --classic certbot, I get this message:
error: cannot perform the following tasks:
- Run hook prepare-plug-plugin of snap "certbot" (run hook "prepare-plug-plugin":
Only connect this interface if you trust the plugin author to have root on the system.
Run `snap set certbot trust-plugin-with-root=ok` to acknowledge this and then run this command again to perform the connection.
If that doesn't work, you may need to remove all certbot-dns-* plugins from the system, then try installing the certbot snap again.
Running snap set certbot trust-plugin-with-root=ok like written in the message doesn't work because snap certbot can't befound.
Edit: Ok, I needed to remove the dns plugin first. Now its working