Error creating new cert :: Certificate public key must be different than account key","status":400} about acme-tiny HOT 4 CLOSED

The error message says that you are using the same key as account.key and domain.key. See steps 1 and 2 in readme. These steps are to create two seperate keys.

The LE client also creates two key pairs. Which one did you use and how did you convert it?
If you do not know exactly what private keys are and how to use them, you'd better use the official LE client.

from acme-tiny.

The error message says that you are using the same key as account.key and domain.key.
See steps 1 and 2 in readme. These steps are to create two seperate keys.

The domain. key is what I missed indeed. Works now like a charm, thanks.

The LE client also creates two key pairs. Which one did you use and how did you convert it?

Of course I wanted to keep the account key tied to my first registration (this remained after an unsuccessful attempt to get a certificate with the le client running on a local machine, because I exactly didn't want to perform the procedure on the server). This left 0000_key-letsencrypt.pem in /etc/letsencrypt/keys, which I used for authentication (and erroneously as the domain.key).

from acme-tiny.

Thread high in Google search results ;) The documentation is somewhat vague on this topic.. or simply I didn't read too carefully. For anyone still having this problem. You need two different private keys! Eg:

openssl genrsa 4096 > letsencrypt-account.key
openssl genrsa 4096 > domain.key

That LetsEncrypt's explicit requirement. Only sign the CSR with the domain.key, use letsencrypt-account.key with this excellent tool to register the account. Good luck.

from acme-tiny.

I don't think documentation is vague on this subject at least in acme-tiny readme, which quite clearly has step by step instructions, including generating account key or converting already existing one, and then generating certificate key.

from acme-tiny.