Can't generate certificate - Unable to validate JWS

Help
1

I am trying to renew my SSL certificate using Really Simple Security (Let's Encrypt), but the process fails with the following error:

Unable to validate JWS :: Account "https://acme-v02.api.letsencrypt.org/acme/acct/3398624846" not found

My domain is: postepyprac.pl

I ran this command: I tried to renew certifcate with really simple ssl plugin

It produced this output:
Unable to validate JWS :: Account "https://acme-v02.api.letsencrypt.org/acme/acct/3398624846" not found

My web server is (include version): Apache 2.4.67

The operating system my web server runs on is (include version): Linux (Kernel 5.14.0-611.54.6.el9_7.x86_64)

My hosting provider, if applicable, is: webd.pl

I can login to a root shell on my machine (yes or no, or I don't know): i dont know

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): wordpress 7.0

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): Really Simple Security 9.5.11

2

I am experiencing the same issue. My deployments worked until today, nothing changed on our end.

I am using DigitalOcean DNS verification. Here are my debug logs:

Initialized: <certbot_dns_digitalocean._internal.dns_digitalocean.Authenticator object at 0x78f1a47fd8e0>
Prep: True
2026-06-03 08:56:58,603:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot_dns_digitalocean._internal.dns_digitalo
cean.Authenticator object at 0x78f1a47fd8e0> and installer None

2026-06-03 08:56:58,603:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator dns-digitalocean, Installer None
2026-06-03 08:56:58,921:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2026-06-03 08:56:58,924:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2026-06-03 08:56:59,322:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 1033
2026-06-03 08:56:59,323:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Wed, 03 Jun 2026 08:56:59 GMT
Content-Type: application/json
Content-Length: 1033
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "F-pfTjpwOto": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
  "meta": {
    "caaIdentities": [
      "letsencrypt.org"
    ],
    "profiles": {
      "classic": "https://letsencrypt.org/docs/profiles#classic",
      "shortlived": "https://letsencrypt.org/docs/profiles#shortlived",
      "tlsclient": "https://letsencrypt.org/docs/profiles#tlsclient",
      "tlsserver": "https://letsencrypt.org/docs/profiles#tlsserver"
    },
    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.6-August-18-2025.pdf",
    "website": "https://letsencrypt.org"
  },
  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
  "renewalInfo": "https://acme-v02.api.letsencrypt.org/acme/renewal-info",
  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
2026-06-03 08:56:59,323:DEBUG:acme.client:Requesting fresh nonce
2026-06-03 08:56:59,323:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2026-06-03 08:56:59,454:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2026-06-03 08:56:59,455:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Wed, 03 Jun 2026 08:56:59 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: nZyQ48DWvwlolYpQfRmORkp4oKN4DEXtAWBHY3badYXGdPNqHVQ
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800


2026-06-03 08:56:59,455:DEBUG:acme.client:Storing nonce: nZyQ48DWvwlolYpQfRmORkp4oKN4DEXtAWBHY3badYXGdPNqHVQ
2026-06-03 08:56:59,455:DEBUG:acme.client:JWS payload:
b'{\n  "contact": [\n    "mailto:[EMAIL]"\n  ],\n  "termsOfServiceAgreed": true\n}'
2026-06-03 08:56:59,460:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-acct:
{
  "protected": "[MASKED_B64_DATA]",
  "signature": "[MASKED_B64_DATA]",
  "payload": "[MASKED_B64_DATA]"
}
2026-06-03 08:56:59,657:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-acct HTTP/1.1" 201 477
2026-06-03 08:56:59,657:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Wed, 03 Jun 2026 08:56:59 GMT
Content-Type: application/json
Content-Length: 477
Connection: keep-alive
Boulder-Requester: [AccountID]
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://letsencrypt.org/documents/LE-SA-v1.6-August-18-2025.pdf>;rel
="terms-of-service"
Location: https://acme-v02.api.letsencrypt.org/acme/acct/[AccountID]
Replay-Nonce: 9eg3l56RJ6VD85LSfIq8RJ_JInr1b_UqmWEHl0ldTBI9YRdROOA
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "key": {
    "kty": "RSA",
    "n": "[MASKED_KEY_MODULUS]",
    "e": "AQAB"
  },
  "createdAt": "2026-06-03T08:56:59.566939088Z",
  "status": "valid"
}
2026-06-03 08:56:59,657:DEBUG:acme.client:Storing nonce: 9eg3l56RJ6VD85LSfIq8RJ_JInr1b_UqmWEHl0ldTBI9YRdROOA
2026-06-03 08:56:59,659:DEBUG:certbot._internal.display.obj:Notifying user: Account registered.
2026-06-03 08:56:59,661:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(key=JWKRSA(key=<Comp
arableRSAKey(<cryptography.hazmat.backends.openssl.rsa._RSAPublicKey object at 0x78f1a0370dd0>)>), contact=(), agreement=None, status='va
lid', terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/
acme/acct/[AccountID]', new_authzr_uri=None, terms_of_service='https://letsencrypt.org/documents/LE-SA-v1.6-August-18-2025.pdf'), 65ce985f
955aef0a38a3efe67cfa6fce, Meta(creation_dt=datetime.datetime(2026, 6, 3, 8, 56, 59, tzinfo=<UTC>), creation_host='[HOSTNAME]', reg
ister_to_eff=None))>
2026-06-03 08:56:59,662:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for [DOMAIN]
2026-06-03 08:56:59,671:DEBUG:acme.client:JWS payload:
b'{\n  "identifiers": [\n    {\n      "type": "dns",\n      "value": "[DOMAIN]"\n    }\n  ]\n}'
2026-06-03 08:56:59,673:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
  "protected": "[MASKED_B64_DATA]",
  "signature": "[MASKED_B64_DATA]",
  "payload": "[MASKED_B64_DATA]"
}
2026-06-03 08:57:00,807:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 400 200
2026-06-03 08:57:00,808:DEBUG:acme.client:Received response:
HTTP 400
Server: nginx
Date: Wed, 03 Jun 2026 08:57:00 GMT
Content-Type: application/problem+json
Content-Length: 200
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: nZyQ48DWRmV8UnZxmM7QcCz7z6xvzI7OPvdaTru7_gKLEMXZcWw

{
  "type": "urn:ietf:params:acme:error:accountDoesNotExist",
  "detail": "Unable to validate JWS :: Account \"https://acme-v02.api.letsencrypt.org/acme/acct/[AccountID]\" not found",
  "status": 400
}
2026-06-03 08:57:00,808:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
  File "/usr/bin/certbot", line 33, in <module>
    sys.exit(load_entry_point('certbot==2.9.0', 'console_scripts', 'certbot')())
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/certbot/main.py", line 19, in main
    return internal_main.main(cli_args)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1894, in main
    return config.func(config, plugins)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1600, in certonly
    lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 143, in _get_and_save_cert
    lineage = le_client.obtain_and_enroll_certificate(domains, certname)
              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 517, in obtain_and_enroll_certificate
    cert, chain, key, _ = self.obtain_certificate(domains)
                          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 428, in obtain_certificate
    orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 478, in _get_order_and_authorizations
    orderr = self.acme.new_order(csr_pem)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/acme/client.py", line 137, in new_order
    response = self._post(self.directory['newOrder'], order)
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/acme/client.py", line 365, in _post
    return self.net.post(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/acme/client.py", line 738, in post
    return self._post_once(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/acme/client.py", line 751, in _post_once
    response = self._check_response(response, content_type=content_type)
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/acme/client.py", line 602, in _check_response
    raise messages.Error.from_json(jobj)
acme.messages.Error: urn:ietf:params:acme:error:accountDoesNotExist :: The request specified an account that does not exist :: Unable to validate JWS :: Account "https://acme-v02.api.letsencrypt.
org/acme/acct/[AccountID]" not found
2026-06-03 08:57:00,823:ERROR:certbot._internal.log:An unexpected error occurred:
2026-06-03 08:57:00,826:ERROR:certbot._internal.log:Unable to validate JWS :: Account "https://acme-v02.api.letsencrypt.org/acme/acct/[AccountID]" not found
2026-06-03 08:58:41,386:DEBUG:certbot._internal.main:certbot version: 2.9.0
2026-06-03 08:58:41,387:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot
2026-06-03 08:58:41,387:DEBUG:certbot._internal.main:Arguments: ['--email', '[EMAIL]', '--agree-tos', '--no-eff-email', '--dns-digitalocean', '--dns-digitalocean-credentials', '/root/.config/certbot.ini', '-d', '[DOMAIN]']
2026-06-03 08:58:41,387:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#dns-digitalocean,PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalon
e,PluginEntryPoint#webroot)
3

I have contacted LE staff to look into things. (5)

4

It seems to be working again :+1:

5

Sorry folks. It appears we had some database trouble last night. We've been working on it. Things should be fine for now.