ECDSA ( X1 chain ) issuing problem

Dear Community,
On 20 January I received the confirmation about the ECDSA allow list:

Your request for the specified ACME account ID to be placed on the Let's Encrypt ECDSA allowlist has been moved to production. Now when you request a cert from Let's Encrypt with your ECDSA key, the cert will be issued from our ECDSA hierarchy.

I have tried to issue a new certificate, but I always only get the certificate back from R3.
First of all, I tired with just the certbot:

certbot certonly --key-type=ecdsa --elliptic-curve=secp384r1  --cert-name example.com -d example.com -m myacc@mymailserver.com --agree-tos --standalone

After I tired to generate CSR manually:

openssl ecparam -name secp384r1 -genkey -noout -out example.com.key

openssl req -new -sha256 -key example.com.key -out example.com.csr -subj "/C=Count/ST=Sta/L=Loc/O=Org/OU=Dept/CN=example.com"

certbot certonly --csr example.com.csr -d example.com -m myacc@mymailserver.com --agree-tos --standalone -vvv

After several attempts, I still failed to obtain a certificate issued by E1.
Am I doing something wrong?

Thanks in advance for your help,
D3v

Hi @D3v and welcome to the LE community forum

Have you confirmed the ACME account ID?

Reply to the email and I can let you know which particular ACME account ID(s) are on the list that you requested!

From there, check and see if that is the ACME account ID you are trying to get certificates with. More information about finding your ACME account ID can be found here (although I'm sure you already know how to find it, just a quick reminder link!): Finding Account IDs - Let's Encrypt

Best,
JP

I have sent you the requested details by email.

Responded! I think we got it sorted out, it was an ACME account ID mixup!

-JP

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.