Hi,
Working with the acme4j for a while with Let’s Encrypt and everything working well.
Now, we are considering to use some other CA as a backup, and this CA requires External Account Binding in order to use the acme API.
Tried to do it using the acme4j client and encountered the following exception:
“[External Account Binding] The account is not awaiting external account binding”
Are you using acme4j directly, or via a client tool?
When you open the directory URL of the CA in a browser, you should find a key externalAccountRequired in the meta section, which should have the value true. Otherwise the CA is not requesting External Account Binding.
The code looks good to me. Another reason could be that you are using a Session instance that is connecting to a different server (e.g. the Let’s Encrypt server). You can use Session.getServerUri() and check if the server URI is correct.
Due to tight unit tests, I am confident that the Custom Key Identifier is correctly implemented in acme4j, but it hasn’t been field tested yet (at least not that I am aware of). If there is a bug in acme4j, or if the CA needs a special handling, I’ll gladly help.