Background: I have an account and have been a happy user for over a year. Some of my domains are handled by certbot-auto; some are handled by a custom certificate manager. I am at the point where I need to create one or two additional accounts to manage a portfolio of domain names. The tldr; is that my “personal” information is associated with the current account, and I need to partition/isolate some existing+new domains into two new “professional” portfolios that will have different sets of owners/managers/contacts.
The certbot-auto command won’t let me register a second account on the existing server. I get the following notice:
There is an existing account; registration of a duplicate account with this command is currently unsupported
I could use the ACME API to generate new accounts manually, but I don’t know how/if any of those accounts could be registered with /etc/letsencrypt/... config, or if certbot-auto could even support that.
I don’t have access to a certbot installation right now, but one thing you could try is running certbot register with an empty account directory (either by running it on a separate server, temporarily moving /etc/letsencrypt somewhere else, or using a different value for --config-dir), and then merging both account directories.
You’d have to add --account <account-id> to any command you run after that. (The account ID is just the name of the corresponding subdirectory in the accounts directory, IIRC.)
(Thinking about this some more, maybe using separate --config-dirs in general would be a good enough approach for the kind of isolation you’re looking for.)