How can I have two accounts?


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
I have more than one, but for now: RWF360.COM.BR
I ran this command:
certbot-auto
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache

Please choose an account
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: ip-172-30-2-151.ec2.internal@2018-03-24T09:03:47Z (bb6a)
2: ip-172-30-2-151.ec2.internal@2016-08-05T12:18:34Z (ae6a)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press ‘c’ to cancel): 1
My web server is (include version):
Server version: Apache/2.4.7 (Ubuntu)
Server built: Apr 18 2018 15:36:26
The operating system my web server runs on is (include version):
UBUNTU 14-04 LTS
My hosting provider, if applicable, is:
Dedicated Server AWS EC2
I can login to a root shell on my machine (yes or no, or I don’t know):
Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
No

I’ve been using CERTBOT since 2016 and now this message appears.

I checked the /etc and found:

root@ip-172-30-2-151:/etc/letsencrypt/accounts# tree .

.
├── acme-staging.api.letsencrypt.org
│ └── directory
│ └── 75b6e6ec114a3e5a9a5628c8cf975f76
│ ├── meta.json
│ ├── private_key.json
│ └── regr.json
├── acme-staging-v02.api.letsencrypt.org
│ └── directory
│ └── ec85c707d8da0e64b7f3748c2ded75d0
│ ├── meta.json
│ ├── private_key.json
│ └── regr.json
├── acme-v01.api.letsencrypt.org
│ └── directory
│ └── ae6a0340fc39c2c60c15f9c4f98d6788
│ ├── meta.json
│ ├── private_key.json
│ └── regr.json
└── acme-v02.api.letsencrypt.org
└── directory
├── ae6a0340fc39c2c60c15f9c4f98d6788 -> /etc/letsencrypt/accounts/acme-v01.api.letsencrypt.org/directory/ae6a0340fc39c2c60c15f9c4f98d6788
└── bb6a5da63d4a7f3e522ef5f6fc354265
├── meta.json
├── private_key.json
└── regr.json

I checked meta.jason and there is two situations:

{“creation_host”: “ip-172-30-2-151.ec2.internal”, “creation_dt”: “2016-08-05T12:18:34Z”}

and

{“creation_host”: “ip-172-30-2-151.ec2.internal”, “creation_dt”: “2018-03-24T09:03:47Z”}

I don’t know why it happened.

Any idea?

Thanks a lot!


#2

Hi @emanueltavares

you can have a lot of accounts. This is not really a problem.

Your first is from the version-1 - system. This account is also used with v02.

Your second may be from the staging / testsystem. If you use the test-option or dry-run, the testsystem is used.


#3

It’s due to how Certbot handled the transition from https://acme-v01.api.letsencrypt.org/ to https://acme-v02.api.letsencrypt.org/.

Let’s Encrypt allows you to reuse the same account with the acme-v01 and acme-v02 endpoints, but older versions of Certbot didn’t take advantage of this, so you registered a new account the first time you used “--server https://acme-v02.api.letsencrypt.org/directory” on March 24.

More recent versions of Certbot share accounts… but you already have a second account, so now it prompts you about it.

You didn’t do anything wrong.

I’m not sure what you should do, though. Other than picking one of the accounts when creating new certificates. (It shouldn’t matter which one.)

(Also, don’t just delete one of the accounts. You would have to update the renewal configuration too.)


#4

Thanks for so fast answers.

I don’t know how the second account was created. Certificates are not my specialty.

The problem is that the domain RWF360.COM.BR is showing as NOT SECURE if I redirect the traffic to HTTPS, and I tried to solve it regenerating the certificate.

It was at this moment that I found those two accounts.

How can I choose one to use?

Thanks again.


#5

Your certificate is valide, created today. This is only a problem of your website - you have mixed content.

Your page loads something per http, not per https.

Use FireFox or Chrome, then CTRL + Shift + I, then select the Console. There the wrong urls are listed.

Sample:

http :// www . rwf360. com . br /wp-content/uploads/2015/11/logoHcolor_RWF360.png


#6

HI!

Thanks a lot.

I was changed the URL on WP settings, but it was not enough.

I used a plugin called WP Migrate DB and I applied an update changing all from http:// to htttps://

But, regarding accounts, which one I used now? The newer?


#7

It really doesn’t matter. They’ll both work.

It would only matter if you had requested a rate limit increase for one of the accounts.


#8

Thank you, guys.

You were great!


#9

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.