Staging account deactivated


#1

My staging account got disabled and I want to know if it can be re-enabled. I am using Terraform ACME provider. I was attempting to move from stage to prod and got messed up.

my domain: col-care.services
email address: ops-admin@col-care.com
registration url: https://acme-staging-v02.api.letsencrypt.org/acme/acct/8381704

error message:
acme_registration.oss: acme: Error 403 - urn:ietf:params:acme:error:unauthorized - Account is not valid, has status “deactivated”

Can this be recovered? or do I need to abandon this account?


#2

Hi,

I think @lestaff would be able to help you with this issue.

Thank you


#3

You have to make a new account. (As far as Let’s Encrypt goes, having multiple accounts is not a problem. Especially for the staging environment!)

I’m unsure if anyone on this forum knows exactly how to make Terraform do that. You might have to ask a Terraform forum.



#4

Thanks for the info. Can I use same email and just create new private key to create a new letsencrypt account? or do I need to use a new email address?


#5

You can use the same email address for any number of accounts. :slightly_smiling_face:


#6

Terraform ACME is aggressive in deactivating accounts and revoking certificates when terraform destroy is run. My read of this discussion indicates that the recommendation is to manage your ACME account separately from the certificates so that you can scope the destroy.


#7

It isn’t possible to reactivate a deactivated account. You will always have to create a new one. The ACME protocol itself says that its a one way trip :skull: https://tools.ietf.org/html/draft-ietf-acme-acme-18#section-7.3.6

ACME does not provide a way to reactivate a deactivated account.


closed #8

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.