letsencrypt wildcard with ovh domain verification

https://www.nginx.com/blog/free-certificates-lets-encrypt-and-nginx/
http://matthieukeller.com/2016/12/lets-encrypt-certificate-for-offline-servers-with-ovh-dns.html
https://ungeek.fr/letsencrypt-api-ovh/
https://certbot.eff.org/docs/using.html#certbot-command-line-options

https://github.com/certbot/certbot
https://github.com/antoiner77/letsencrypt.sh-ovh

/etc/letsencrypt/configs/\*.domain.xxx.conf
---------------------------------------------------------------------------------------------------
# the domain we want to get the cert for;
# technically it's possible to have multiple of this lines, but it only worked 
# with one domain for me, another one only got one cert, so I would recommend 
# separate config files per domain.
domains = *.domain.xxx

# increase key size
rsa-key-size = 2048 # Or 4096

#V2 protocol for supporting wildcard
server = https://acme-v02.api.letsencrypt.org/directory

# this address will receive renewal reminders
email = xxxx@yyyyy

# turn off the ncurses UI, we want this to be run as a cronjob
text = True

/opt/letsencrypt/auto-renew.sh
---------------------------------------------------------------------------------------------------
#!/bin/sh

cd /opt/letsencrypt/letsencrypt.sh-ovh/
.././certbot-auto --config /etc/letsencrypt/configs/\*.intra.aleda.fr.conf certonly --manual --manual-auth-hook ./manual-auth-hook.py --manual-cleanup-hook ./manual-cleanup-hook.py --agree-tos --no-eff-email --manual-public-ip-logging-ok --force-renewal --preferred-challenges dns -q

if [ $? -ne 0 ]
 then
        ERRORLOG=`tail /var/log/letsencrypt/letsencrypt.log`
        echo -e "The Let's Encrypt cert has not been renewed! \n \n" \
                 $ERRORLOG
 else
        nginx -s reload
fi

exit 0

------------------------------------------------------------------------------------------------------------------------
Crontab :
0 0 1 JAN,MAR,MAY,JUL,SEP,NOV * /opt/letsencrypt/auto-renew.sh