I’m trying to use acme.sh in stateless mode and I keep getting errors related to the authorization key being different. The setup is done in 2 separate Docker containers, one running Nginx with the authorization key received at the registration, the other container runs acme.sh in stateless mode and checks the URL which is served by the Nginx container. Is the authorization key changed frequently? I registered manually and added that key in a script which further generates entries in the Nginx config for multiple domains and I can’t get certificates because this key seems to be different by the one used in the challange.
Is this container persistent - i.e .is it saving the acme.sh settings between runs? The account thumbprint is based on a hash of the ACME account key.
The ACME account key, if missing, is generated and then saved by acme.sh to the filesystem. It is then re-used.
If you run acme.sh in a container that runs from a blank state every time, it's going to keep registering new accounts, with different keys, which will have different thumbprints.
the registration was done on the VM, outside of the acme container.
so you’re saying that i need to do the registration inside the acme container and then export that key to the nginx container (shared volume) and use it as static content for the config of the virtual host?
after i created the “acme.sh-data” folder on the host, i ran the docker run command to create the persisten volume, it worked, i got a new ACCOUNT_THUMBPRINT but no files were written inside my local host “acme.sh-data” folder. am i missing something?
you are right, i changed the directory from inside the container, to another location to be used by my local script but i will adapt that to the “/acme.sh”