Why is another account added?

We had another account added to our letsencrypt accounts file (May '23). The original account had been in there since 2017.

I'm wondering why this happened. I haven't found an answer to why another account was created when we did not add it. This inexplicable account adding seems to have happened to others.

Additionally, there are a couple of locked posts about the "Please Choose Account" solution for the certbot script. It seems the answer is to remove one of the accounts. I want to issue a word of caution about removing accounts. If you have renewal scripts scheduled, they will not work if you remove the account that created the certificate being replace. It's actually safer to delete the new account than the old one.

Example archived topic:

Hi @ccb, and welcome to the LE community forum :slight_smile:

Is it a staging account?
Is it for another CA?


It might be helpful if you post the link(s) to such topics.


It's not for staging. It's the same CA

Once, in the very beginning of Certbot (probably still called "letsencrypt" back then), I too happened to end up with two staging accounts somehow. I don't think that was intentional.

There may have been a bug in the very early versions of Certbot. More up to date versions probably wouldn't have this behaviour.

Also, my Certbot (2.7.0-dev0) doesn't care at all which account is mentioned in the renewal configuration file for some reason. It even complains when I try to renew it non-interactively, because I need to choose the account for some reason.. Which is weird, because it obviously is set in the renewal configuration file. But Certbot doesn't use that option? Bug? :thinking:

1 Like

certbot 2.6.0

certbot renew works fine for both accounts because it's looking for the same one. but removing one used previously was an issue

But also all this time? Did your second account suddenly appear recently and also with Certbot 2.6.0?

If so, you might be able to retrieve/find the log responsible for that in /var/log/letsencrypt/.

Curious, that's not the behaviour I'm seeing myself.

1 Like


yes in May it was the same version.

I know no ones updated it, because are dev ops guy moved on and I handle any issues on the load balancers personally.

Looks like it keeps about a 1000 log files, way to far back to fetch that now.

Are you running certbot renew?

When I tried, yes, I did a certbot renew --cert-name example.com. Not sure if the --cert-name would matter.

Hm, nope, even with just certbot renew Certbot renews just fine, even when I completely delete the account mentioned in the renewal configuration file. Heck, the account option from the renewal configuration file gets updated!

1 Like

If you run certbot twice a day... that's 500 days worth of logs.


Those topics are from 2016 and 2018.
I'm unsure if they are directly related to the current [2023] issue you are raising.
I'd like to see more detail on the accounts created.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.