Renewal failed, account does not exist

Hi guys, I got notice of my cert expiring recently and when I went to renew it, this is the error I'm getting. I have no idea what it means. If anyone could point me in a direction it would be much appreciated.

The location that it's pointing to when it says "Account does not exist" doesn't exist as far as I can tell.

My domain is: maereax.com

I ran this command: started my swag instance

It produced this output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/maereax.com.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Failed to renew certificate maereax.com with error: Account at /etc/letsencrypt/accounts/acme-v01.api.letsencrypt.org/directory/1fcf25757a9a71ae4148a5a8e2c5eee8 does not exist

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
All renewals failed. The following certificates could not be renewed:
  /etc/letsencrypt/live/maereax.com/fullchain.pem (failure)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1 renew failure(s), 0 parse failure(s)
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

My web server is (include version):

The operating system my web server runs on is (include version): unraid 6.10

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

Do you have anything important connected to your account? E.g., the ECDSA root whitelist or rate limit excemptions?

3 Likes

No, nothing that I've setup manually

Ok, perhaps you could try to manually register an account with the current ACME endpoint, version 2 (v2). v1 has been deprecated and shut down some time ago now.

Please try and post the output of the command:

certbot register --server acme-v02.api.letsencrypt.org

And we'll go from there.

2 Likes

root@12d61ebd3b94:/# certbot register --server acme-v02.api.letsencrypt.org

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Enter email address (used for urgent renewal and security notices)
 (Enter 'c' to cancel): **********
An unexpected error occurred:
requests.exceptions.MissingSchema: Invalid URL 'acme-v02.api.letsencrypt.org': No scheme supplied. Perhaps you meant http://acme-v02.api.letsencrypt.org?
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

root@12d61ebd3b94:/# certbot register --server http://acme-v02.api.letsencrypt.org

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Enter email address (used for urgent renewal and security notices)
 (Enter 'c' to cancel): *********
An unexpected error occurred:
requests.exceptions.ConnectionError: ('Connection aborted.', ConnectionResetError(104, 'Connection reset by peer'))
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

Hm, didn't know certbot was that picky. Try it with https:// in front of it.

Although I find it curious why your http:// wouldn't work. It seems Let's Encrypt doesn't allow HTTP access, only HTTPS.

2 Likes

root@12d61ebd3b94:/# certbot register --server https://acme-v02.api.letsencrypt.org

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Enter email address (used for urgent renewal and security notices)
 (Enter 'c' to cancel): ********
An unexpected error occurred:
acme.errors.ClientError: Unexpected response Content-Type: text/html
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

just wanted to take a sec and say thanks for helping me. This is all pretty far over my head

1 Like

Ah yes, sorry, I forgot another thing.. Please add the path /directory to the end of the URL..

The (complete) server URL is https://acme-v02.api.letsencrypt.org/directory

Guess I'm having a heatstroke or something :roll_eyes:

4 Likes

Ok so this command worked and then i restarted my swag instance and got the same error. Is there a way to manually renew that cert through the cli using the new account i just registered?

The cert is either expired or it expires within the next day. Attempting to renew. This could take up to 10 minutes.
<------------------------------------------------->

<------------------------------------------------->
cronjob running on Sun Jul 24 15:39:32 EDT 2022
Running certbot renew
Saving debug log to /var/log/letsencrypt/letsencrypt.log

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/maereax.com.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Failed to renew certificate maereax.com with error: Account at /etc/letsencrypt/accounts/acme-v01.api.letsencrypt.org/directory/1fcf25757a9a71ae4148a5a8e2c5eee8 does not exist

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
All renewals failed. The following certificates could not be renewed:
  /etc/letsencrypt/live/maereax.com/fullchain.pem (failure)
1 renew failure(s), 0 parse failure(s)
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

it sure is hot enough for that to be a possibility!

That was my thought also, but first I wanted you to register (or at least check) an account with the v2 API. I'm hoping the following command will do the trick:

certbot renew --cert-name maereax.com --server https://acme-v02.api.letsencrypt.org/directory

If not, we'll need to dive a little bit deeper.

2 Likes

I see CloudFlare:

Name:      maereax.com
Addresses: 2606:4700:3032::6815:471e
           2606:4700:3031::ac43:8ec5
           104.21.71.30
           172.67.142.197
2 Likes

I'm not sure how that's related to an incorrectly set account?

2 Likes

I had to add the commands --tos-agree and --email x but that was successful and upon rebooting swag everything looks normal

Thank you very much, I don't think I would have gotten there by myself!!!

It's not.
It will likely be part of the:

[later - CF is always "part of some problem" or other]

2 Likes

Hm, weird, I could have expected those with the register subcommand, but not sure why they would be necessary for the renew subcommand?

Ah well, as long as it works, it works :stuck_out_tongue:

Apparently not :grin:

3 Likes

Trust me, if you don't know I definitely don't know, but the first time i copy/pasted your command it failed and suggested i may need to add those two arguments. I added both and it took about 15 seconds before it renewed. I rebooted swag again and am able to access my sites and everything seems great. Thank you again and stay cool!

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.