Registered, cert request still says needs account registered?

My domain is: n/a for this question

I ran this command: sudo /usr/local/bin/certbot show_account

It produced this output:

Account details for server
  Account URL:
  Account Thumbprint: abcdefPLjU7D8...123456789
  Email contact:

So in theory the registration process is complete. However, when trying to request a certificate certbot says the registration hasn't been completed:

$ sudo /usr/local/bin/certbot certonly --non-interactive --dns-route53 -d '' --staging
Saving debug log to /var/log/letsencrypt/letsencrypt.log
You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags.

without the --non-interactive flag, certbot prompts. This is inline with the idea that certbot thinks the registration is incomplete.

It's not a huge deal - I can always specify the extra args on every certbot command, but I think I'm doing something wrong if that's necessary?

Without the --non-interactive flag, and answering the prompts certbot otherwise runs fine - gets the certificates properly, behaves as expected etc.

My web server is (include version): certonly/manual

The operating system my web server runs on is (include version):

RHEL (Rocky) 9, using the snap version of certbot (2.8.0)

I can login to a root shell on my machine: yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is: 2.8.0

The account for staging is different than the account for production.

I think you might want to certbot register with --staging to set up your staging account, and can do certbot show_account --staging to see it, though I haven't tried it myself.


The account for staging is different than the account for production.

Thanks for pointing that out. I added staging into the mix to do some scripting/testing and didn't catch my mistake that I needed to register with staging. Good call.


I'm curious if the --dry-run option also requires a separate registration of the staging account.. :thinking:

1 Like

I think it should.
It runs through the exact same process as a cert issuance - it just discards the event.
[i.e. the cert issuance process requires an account]

1 Like

Sure, let me rephrase: does it in the case of a --dry-run also complain/ask the user for more info when trying to register a staging account? Or does it simply register one without an email address for example?


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.