Forum OpenACS Q&A: letsencrypt No account exists with the provided key

Hi ,

i have been trying to get the certificate for my site, I already setup the following :
- edit letsencrypt.tcl - added ID, password and made sure flag was set to 1.
- edited /usr/local/ns/config-fd6-prod.tcl
-added this line:
ns_param certificate $serverroot/etc/certfile.pem and verified $serverroot value is /var/www/fd6-prod

when I run letsencrypt file on my browser I got this message:

Obtaining a certificate from Let's Encrypt using the Production API:

Let's Encrypt URLs (production API):

Reuse existing account registration at Let's Encrypt (/usr/local/ns/modules/nsssl/letsencrypt-production-account.key)
parseAccountKey /usr/local/ns/modules/nsssl/letsencrypt-production-account.key

jwk: {"e":"AQAB","kty":"RSA","n":"1iNaphOl368Bvpq8L7rXBzNyIHUBagaY5Pd76kRdEyhDSXJx4ZT6qcFvgBYfOb9LExC8DCjHbJWK89yjFwDusgpySNzjsSDz0c_5RwSkVKeL5uqtjiYV3P9Pbyr7wIlHIAJwpKSxTr-5HoCY9-7udu5CEdq8VJH3c1foJEgY_dByr4VMVabRXO5lRTdiOC5x-quSyW3SA0nvinK4g7NKgGr75OCCSGBN2E5ytPRGi2fUCWe3DrDqzhm0fguGE71MdD5hm3Ql172BUBUHtGlyuEBh1gXMSm65q9NY8GMJJI9CeaNDG8XIZL6ybaEKKrNb5Uwg98uufAoZwnQja6jsqw"}
thumbprint64: CHVhdUny3UhaCUHqT7-3Ruedzs-A6O4shAJr6SAbSnE

reply from letsencrypt:
  "type": "urn:ietf:params:acme:error:accountDoesNotExist",
  "detail": "No account exists with the provided key",
  "status": 400

authorization for existing account failed ended with HTTP status 400

   server: nginx
   date: Fri, 26 Mar 2021 21:20:25 GMT
   content-type: application/problem+json
   content-length: 134
   connection: close
   cache-control: public, max-age=0, no-cache
   link: <>;rel="index"
   replay-nonce: 0004urWDJXEmuFjNwWu0MnRx2HzWU3rjlIlxu2x_0fdQHhA

  "type": "urn:ietf:params:acme:error:accountDoesNotExist",
  "detail": "No account exists with the provided key",
  "status": 400
Posted by Gustaf Neumann on
Dear Cesar,

there is no need to edit letsencrpt.tcl. The script creates its own account and manages it. One machine can use many letsencrypt accounts in parallel. It is actually a good idea to use one letsencrypt account for one naviserver to ease moving installations around.

Once the certificate is retrieved from letsencrypt, it is named after the first domain name (e.g. on "") and inserted in the configuraton file in the "ns/module/nsssl" section, if it is not there already.

Hope this helps.

Dear Gustaf,

Thanks for your prompt response, yes it helped me a lot, the site is certified.

Thank you!!!

Posted by Gustaf Neumann on
Good news!
Thanks for the feedback
Cheers -g