I ran this command: sudo certbot renew --reuse-key --force-renewal
It produced this output:
Failed to renew certificate with error: Account at /etc/letsencrypt/accounts/acme-v01.api.letsencrypt.org/directory/3797ff04176ba8551e6fc15a25dcd614 does not exist
My web server is (include version): Express Node v10.23.0
The operating system my web server runs on is (include version): Ubuntu 18 (Old machine), Ubuntu 20 (New machine)
My hosting provider, if applicable, is: AWS
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
Old machine - 0.31.0
New machine - 1.11.0
I am trying to move the keys from one server to another. I followed the steps from this link. I successfully migrated and it's working. But when I tried to renew the certificate I got the above mentioned error.
The reason I wanted to use the same key is because it is a mobile app server, and a lot of users already have the apps installed with the existing key.
Note:
Your account was created under the ACMEv1 API, which is deprecated and will soon be obsolete.
The error that you are seeing is likely due to your certbot renewal configuration files referring to an ACME account file that didn't get migrated properly. You can simply register a new ACME account (if you haven't created one already) and acquire a new certificate (even with reusing the certificate private key).
You might need to update your certificate renewal configuration files to point to the new account. When you use --reuse-key, the private key is taken from an existing certificate file in the archive folder for that certificate that is pointed-to by the symlink in the live folder for that certificate.
You can test your renewal using the following command without needing to use the abominable --force-renewal option:
sudo certbot renew --reuse-key --dry-run
If that command succeeds, your renewals should be fine.
By the way, I'm surprised that more people aren't encountering this same error when following the tutorial you followed—I expect it should always produce the error you ran into! (I wonder if some people are including more files in their backup than the tutorial explicitly told them to.)