I think the issue with the acme
module is that it doesn’t provide the equivalent of get_or_create_account
- a flow which is supported/encouraged by ACME.
It is almost possible by using messages.NewRegistration(key=jwk.public_key(), only_return_existing=False)
, but acme.new_account throws a ConflictError if it actually finds an account, leaving you unable to access the regr
info.
From my reading, the only way to do it is what Certbot does - serialize and save the messages.RegistrationResource
that you get from a successful new_account
call, and then pass it in again in ClientNetwork(account=regr, ...)
on subsequent visits.
(Edit: here are the places where Certbot seems to save and load the regr, respectively: https://github.com/certbot/certbot/blob/3608abb01a535c35740d82ce37b9ebdef3076886/certbot/account.py#L332-L335, https://github.com/certbot/certbot/blob/3608abb01a535c35740d82ce37b9ebdef3076886/certbot/account.py#L226)
Maybe this is a decent issue to report to Certbot, to make the acme
module more usable.