How many times can I renew per account?


I have a question about the certificate renewal policy of let's encrypt. I'm implementing an automated process to renew certificates on a web server, and I'm wondering if the following is possible:

  1. Create an Acme account
  2. Create Acme order with the account
  3. Get and set the dns challenge to dns
  4. Set generated certificate to web server
  5. Renew certificate, using the same acme account and challenge (?)

According to some information on the internet, I found that the Acme accounts are somewhat disposable, and you are advised to create a new account/challenge every time when in need of a new certificate.

Would it be possible to use the earlier account again, and possibly with the same challenge, just renewing the certificate?

1 Like

Hi @jnn, and welcome to the LE community forum :slight_smile:

I would disagree with this logic.
Accounts take up database space and CPU time to create and maintain.
LE is a free CA - but that doesn't mean that we should purposely abuse those free resources.

Yes, they are not automatically deleted.

No, each renewal (via DNS-01 authentication) will require a new (DNS TXT record) challenge and response.


I'm very curious what that "some information" would be. It sounds like an utterly incorrect and unreliable source! Perhaps you would even call it "incompetent".

Or perhaps you've misunderstood the source? As you're writing "account/challenge" as if it's the same? Which it is not. It's true that for every (regular) renewal a new challenge is required, but that is very distinct from a (new) account!


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.