PS C:\windows\system32> Set-PAServer -DirectoryUrl "https://acme.digicert.com/v2/acme/directory/" -Verbose DEBUG: Loading PAServer list from disk DEBUG: Loading PAServer list from disk VERBOSE: Updating directory info from https://acme.digicert.com/v2/acme/directory/ DEBUG: Requesting nonce from https://acme.digicert.com/v2/acme/new-nonce/eYB8Fse_tXZo0KUOZYNwaYlmaAijQTplll4V9nxJ5W0 DEBUG: Saving PAServer to disk DEBUG: Loading PAServer list from disk DEBUG: Enabling cert validation Please review the Terms of Service here: PS C:\windows\system32> New-PAAccount -ID "DigiCert-SingleDomain" -ExtAcctKID $($SingleDomainEab.UserName) -ExtAcctHMACKey $($SingleDomainEab.GetNetworkCredential().Password) -AcceptTOS -Verbose WARNING: No email contacts specified for this account. Certificate expiration warnings will not be sent unless you add at least one with Set-PAAccount. DEBUG: Refreshing valid accounts DEBUG: Loading PAAccount list from disk DEBUG: Loading PAAccount list from disk DEBUG: Creating new ec-256 account with contact: DEBUG: Creating new EC 256 key DEBUG: ACME Header: { "kid": "nnymPtqUzoHXJAKc0uuIDHa0d2agxlsWOgPMoZtfMiQ", "alg": "HS256", "url": "https://acme.digicert.com/v2/acme/new-account/eYB8Fse_tXZo0KUOZYNwaYlmaAijQTplll4V9nxJ5W0" } DEBUG: ACME Payload: {"crv":"P-256","kty":"EC","x":"s918q-hwzvpiZ7e3ablTe3DxgkqOAUu5YD3yWNTccUo","y":"jfK7Ypei42A935UnV-jlgge2vJj63AqVF6X2LdIc-9U"} DEBUG: Signing message using HMAC with hash size 256 DEBUG: ACME Header: { "nonce": "dT5sqoPBOoOg6bBThcP_fAL0h6uf4pNpszIbIeRwyTFodHRwczovL2Vucm9sbG1lMDMucHJvZC5ibHUuZGlnaWNlcnQuY29tOjg0NDM", "alg": "ES256", "jwk": { "crv": "P-256", "kty": "EC", "x": "s918q-hwzvpiZ7e3ablTe3DxgkqOAUu5YD3yWNTccUo", "y": "jfK7Ypei42A935UnV-jlgge2vJj63AqVF6X2LdIc-9U" }, "url": "https://acme.digicert.com/v2/acme/new-account/eYB8Fse_tXZo0KUOZYNwaYlmaAijQTplll4V9nxJ5W0" } DEBUG: ACME Payload: {"externalAccountBinding":{"payload":"eyJjcnYiOiJQLTI1NiIsImt0eSI6IkVDIiwieCI6InM5MThxLWh3enZwaVo3ZTNhYmxUZTNEeGdrcU9BVXU1WUQzeVdOVGNjVW8iLCJ5IjoiamZLN1lwZWk0MkE5MzVVblYtamxnZ2UydkpqNjNBcVZGNlgyTGRJYy05VSJ9","protected":"eyJraWQiOiJubnltUHRxVXpvSFhKQUtjMHV1S URIYTBkMmFneGxzV09nUE1vWnRmTWlRIiwiYWxnIjoiSFMyNTYiLCJ1cmwiOiJodHRwczovL2FjbWUuZGlnaWNlcnQuY29tL3YyL2FjbWUvbmV3LWFjY291bnQvZVlCOEZzZV90WFpvMEtVT1pZTndhWWxtYUFpalFUcGxsbDRWOW54SjVXMCJ9","signature":"20i3Gpb_ereA5y5BLFtpzwZh_DU0hb-0EMEvOmnFzDY"},"termsOfServic eAgreed":true} DEBUG: Signing message using EC with SHA256 DEBUG: POST https://acme.digicert.com/v2/acme/new-account/eYB8Fse_tXZo0KUOZYNwaYlmaAijQTplll4V9nxJ5W0 {"payload":"eyJleHRlcm5hbEFjY291bnRCaW5kaW5nIjp7InBheWxvYWQiOiJleUpqY25ZaU9pSlFMVEkxTmlJc0ltdDBlU0k2SWtWRElpd2llQ0k2SW5NNU1UaHhMV2gzZW5ad2FWbzNaVE5oWW14VVpUTkVlR2RyY1U5QlZYVTFXVVF6ZVZkT1ZHTmpWVzhpTENKNUlqb2lhbVpMTjFsd1pXazBNa0U1TXpWVmJsWXRhbXhuWjJVeWRrcHFOak 5CY1ZaR05sZ3lUR1JKWXkwNVZTSjkiLCJwcm90ZWN0ZWQiOiJleUpyYVdRaU9pSnVibmx0VUhSeFZYcHZTRmhLUVV0ak1IVjFTVVJJWVRCa01tRm5lR3h6VjA5blVFMXZXblJtVFdsUklpd2lZV3huSWpvaVNGTXlOVFlpTENKMWNtd2lPaUpvZEhSd2N6b3ZMMkZqYldVdVpHbG5hV05sY25RdVkyOXRMM1l5TDJGamJXVXZibVYzTFdGalkyOTFi blF2WlZsQ09FWnpaVjkwV0Zwdk1FdFZUMXBaVG5kaFdXeHRZVUZwYWxGVWNHeHNiRFJXT1c1NFNqVlhNQ0o5Iiwic2lnbmF0dXJlIjoiMjBpM0dwYl9lcmVBNXk1QkxGdHB6d1poX0RVMGhiLTBFTUV2T21uRnpEWSJ9LCJ0ZXJtc09mU2VydmljZUFncmVlZCI6dHJ1ZX0","protected":"eyJub25jZSI6ImRUNXNxb1BCT29PZzZiQlRoY1Bf ZkFMMGg2dWY0cE5wc3pJYkllUnd5VEZvZEhSd2N6b3ZMMlZ1Y205c2JHMWxNRE11Y0hKdlpDNWliSFV1WkdsbmFXTmxjblF1WTI5dE9qZzBORE0iLCJhbGciOiJFUzI1NiIsImp3ayI6eyJjcnYiOiJQLTI1NiIsImt0eSI6IkVDIiwieCI6InM5MThxLWh3enZwaVo3ZTNhYmxUZTNEeGdrcU9BVXU1WUQzeVdOVGNjVW8iLCJ5IjoiamZLN1lwZW k0MkE5MzVVblYtamxnZ2UydkpqNjNBcVZGNlgyTGRJYy05VSJ9LCJ1cmwiOiJodHRwczovL2FjbWUuZGlnaWNlcnQuY29tL3YyL2FjbWUvbmV3LWFjY291bnQvZVlCOEZzZV90WFpvMEtVT1pZTndhWWxtYUFpalFUcGxsbDRWOW54SjVXMCJ9","signature":"qoNK2dLBF8qXCAsu8A80iF33w2XbSod4iHsu9dlMLH8qnaB0AS3jTQ1ZdyY27 bXhg0ma4crfRfnfj4WV6aDyNA"} DEBUG: ACME Response: { "externalAccountBinding": {"externalAccountBinding":{"payload":"eyJjcnYiOiJQLTI1NiIsImt0eSI6IkVDIiwieCI6InM5MThxLWh3enZwaVo3ZTNhYmxUZTNEeGdrcU9BVXU1WUQzeVdOVGNjVW8iLCJ5IjoiamZLN1lwZWk0MkE5MzVVblYtamxnZ2UydkpqNjNBcVZGNlgyTGRJYy05VSJ9","protected":"eyJraWQiOi JubnltUHRxVXpvSFhKQUtjMHV1SURIYTBkMmFneGxzV09nUE1vWnRmTWlRIiwiYWxnIjoiSFMyNTYiLCJ1cmwiOiJodHRwczovL2FjbWUuZGlnaWNlcnQuY29tL3YyL2FjbWUvbmV3LWFjY291bnQvZVlCOEZzZV90WFpvMEtVT1pZTndhWWxtYUFpalFUcGxsbDRWOW54SjVXMCJ9","signature":"20i3Gpb_ereA5y5BLFtpzwZh_DU0hb-0E MEvOmnFzDY"},"termsOfServiceAgreed":true}, "orders": "https://acme.digicert.com/v2/acme/account/uHHXl5hUZVgmVWFYTj2W5PJSAPIGDjYwGOknHwMJyDc/orders", "status": "valid", "termsOfServiceAgreed": true } DEBUG: Updated nonce: DdXFBSTh1klikQBLLK-NMUgCq_nnaIQPZ5xmWN_iXnZodHRwczovL2Vucm9sbG1lMDMucHJvZC5ibHUuZGlnaWNlcnQuY29tOjg0NDM id : DigiCert-SingleDomain status : valid contact : location : https://acme.digicert.com/v2/acme/account/uHHXl5hUZVgmVWFYTj2W5PJSAPIGDjYwGOknHwMJyDc key : @{crv=P-256; d=MPlZZWaYslzymJEuBvnuQh4mS2-6huqQTxXKNCFnE24; kty=EC; x=s918q-hwzvpiZ7e3ablTe3DxgkqOAUu5YD3yWNTccUo; y=jfK7Ypei42A935UnV-jlgge2vJj63AqVF6X2LdIc-9U} alg : ES256 KeyLength : ec-256 orders : https://acme.digicert.com/v2/acme/account/uHHXl5hUZVgmVWFYTj2W5PJSAPIGDjYwGOknHwMJyDc/orders sskey : Folder : C:\Posh-Acme\acme.digicert.com\DigiCert-SingleDomain PS C:\windows\system32> New-PAAccount -ID "DigiCert-MultiDomain" -ExtAcctKID $($MultiDomainEab.UserName) -ExtAcctHMACKey $($MultiDomainEab.GetNetworkCredential().Password) -AcceptTOS -Verbose WARNING: No email contacts specified for this account. Certificate expiration warnings will not be sent unless you add at least one with Set-PAAccount. DEBUG: Refreshing valid accounts DEBUG: Loading PAAccount list from disk DEBUG: Refreshing account DigiCert-SingleDomain DEBUG: Refreshing account DigiCert-SingleDomain using newAccount endpoint DEBUG: ACME Header: { "nonce": "DdXFBSTh1klikQBLLK-NMUgCq_nnaIQPZ5xmWN_iXnZodHRwczovL2Vucm9sbG1lMDMucHJvZC5ibHUuZGlnaWNlcnQuY29tOjg0NDM", "alg": "ES256", "jwk": { "crv": "P-256", "kty": "EC", "x": "s918q-hwzvpiZ7e3ablTe3DxgkqOAUu5YD3yWNTccUo", "y": "jfK7Ypei42A935UnV-jlgge2vJj63AqVF6X2LdIc-9U" }, "url": "https://acme.digicert.com/v2/acme/new-account/eYB8Fse_tXZo0KUOZYNwaYlmaAijQTplll4V9nxJ5W0" } DEBUG: ACME Payload: {"onlyReturnExisting": true} DEBUG: Signing message using EC with SHA256 DEBUG: POST https://acme.digicert.com/v2/acme/new-account/eYB8Fse_tXZo0KUOZYNwaYlmaAijQTplll4V9nxJ5W0 {"payload":"eyJvbmx5UmV0dXJuRXhpc3RpbmciOiB0cnVlfQ","protected":"eyJub25jZSI6IkRkWEZCU1RoMWtsaWtRQkxMSy1OTVVnQ3Ffbm5hSVFQWjV4bVdOX2lYblpvZEhSd2N6b3ZMMlZ1Y205c2JHMWxNRE11Y0hKdlpDNWliSFV1WkdsbmFXTmxjblF1WTI5dE9qZzBORE0iLCJhbGciOiJFUzI1NiIsImp3ayI6eyJjcnYiOiJQL TI1NiIsImt0eSI6IkVDIiwieCI6InM5MThxLWh3enZwaVo3ZTNhYmxUZTNEeGdrcU9BVXU1WUQzeVdOVGNjVW8iLCJ5IjoiamZLN1lwZWk0MkE5MzVVblYtamxnZ2UydkpqNjNBcVZGNlgyTGRJYy05VSJ9LCJ1cmwiOiJodHRwczovL2FjbWUuZGlnaWNlcnQuY29tL3YyL2FjbWUvbmV3LWFjY291bnQvZVlCOEZzZV90WFpvMEtVT1pZTndhWWx tYUFpalFUcGxsbDRWOW54SjVXMCJ9","signature":"Fk3T6pVTDzBPh_yxEKGWhbljVvzMeflefOM23XhxwIw3jWZkbo4VWOzx_xN7aQXQoFGXUQwcPPo9ZTY6maWkYw"} DEBUG: ACME Response: { "orders": "https://acme.digicert.com/v2/acme/account/uHHXl5hUZVgmVWFYTj2W5PJSAPIGDjYwGOknHwMJyDc/orders", "status": "valid", "termsOfServiceAgreed": true } DEBUG: Updated nonce: PO47eAcE2xDTCRpCo9teHWhUelPz5kZEQfPu8-D7pzFodHRwczovL2Vucm9sbG1lMDMucHJvZC5ibHUuZGlnaWNlcnQuY29tOjg0NDM DEBUG: Loading PAAccount list from disk DEBUG: Creating new ec-256 account with contact: DEBUG: Creating new EC 256 key DEBUG: ACME Header: { "kid": "-rzgOQJCJu5v9Jb2HkFUUP8_5MzFsVCeobnjomuVeqE", "alg": "HS256", "url": "https://acme.digicert.com/v2/acme/new-account/eYB8Fse_tXZo0KUOZYNwaYlmaAijQTplll4V9nxJ5W0" } DEBUG: ACME Payload: {"crv":"P-256","kty":"EC","x":"8BpAjQAqQnSrKLkCrp0hgOrAt4gDR8DJxnB6Uv0yWMY","y":"bUJraPSZQaYyRiAH9Pc4Tn3mzGRUXBrxGcf-B_LlV7o"} DEBUG: Signing message using HMAC with hash size 256 DEBUG: ACME Header: { "nonce": "PO47eAcE2xDTCRpCo9teHWhUelPz5kZEQfPu8-D7pzFodHRwczovL2Vucm9sbG1lMDMucHJvZC5ibHUuZGlnaWNlcnQuY29tOjg0NDM", "alg": "ES256", "jwk": { "crv": "P-256", "kty": "EC", "x": "8BpAjQAqQnSrKLkCrp0hgOrAt4gDR8DJxnB6Uv0yWMY", "y": "bUJraPSZQaYyRiAH9Pc4Tn3mzGRUXBrxGcf-B_LlV7o" }, "url": "https://acme.digicert.com/v2/acme/new-account/eYB8Fse_tXZo0KUOZYNwaYlmaAijQTplll4V9nxJ5W0" } DEBUG: ACME Payload: {"externalAccountBinding":{"payload":"eyJjcnYiOiJQLTI1NiIsImt0eSI6IkVDIiwieCI6IjhCcEFqUUFxUW5TcktMa0NycDBoZ09yQXQ0Z0RSOERKeG5CNlV2MHlXTVkiLCJ5IjoiYlVKcmFQU1pRYVl5UmlBSDlQYzRUbjNtekdSVVhCcnhHY2YtQl9MbFY3byJ9","protected":"eyJraWQiOiItcnpnT1FKQ0p1NXY5SmIySGtGV VVQOF81TXpGc1ZDZW9ibmpvbXVWZXFFIiwiYWxnIjoiSFMyNTYiLCJ1cmwiOiJodHRwczovL2FjbWUuZGlnaWNlcnQuY29tL3YyL2FjbWUvbmV3LWFjY291bnQvZVlCOEZzZV90WFpvMEtVT1pZTndhWWxtYUFpalFUcGxsbDRWOW54SjVXMCJ9","signature":"hqdIgCRoa3WEEE5BWI_yFCyRNiAiXNb4B-kC8L8fags"},"termsOfServic eAgreed":true} DEBUG: Signing message using EC with SHA256 DEBUG: POST https://acme.digicert.com/v2/acme/new-account/eYB8Fse_tXZo0KUOZYNwaYlmaAijQTplll4V9nxJ5W0 {"payload":"eyJleHRlcm5hbEFjY291bnRCaW5kaW5nIjp7InBheWxvYWQiOiJleUpqY25ZaU9pSlFMVEkxTmlJc0ltdDBlU0k2SWtWRElpd2llQ0k2SWpoQ2NFRnFVVUZ4VVc1VGNrdE1hME55Y0RCb1owOXlRWFEwWjBSU09FUktlRzVDTmxWMk1IbFhUVmtpTENKNUlqb2lZbFZLY21GUVUxcFJZVmw1VW1sQlNEbFFZelJVYmpOdGVrZFNWVm hDY25oSFkyWXRRbDlNYkZZM2J5SjkiLCJwcm90ZWN0ZWQiOiJleUpyYVdRaU9pSXRjbnBuVDFGS1EwcDFOWFk1U21JeVNHdEdWVlZRT0Y4MVRYcEdjMVpEWlc5aWJtcHZiWFZXWlhGRklpd2lZV3huSWpvaVNGTXlOVFlpTENKMWNtd2lPaUpvZEhSd2N6b3ZMMkZqYldVdVpHbG5hV05sY25RdVkyOXRMM1l5TDJGamJXVXZibVYzTFdGalkyOTFi blF2WlZsQ09FWnpaVjkwV0Zwdk1FdFZUMXBaVG5kaFdXeHRZVUZwYWxGVWNHeHNiRFJXT1c1NFNqVlhNQ0o5Iiwic2lnbmF0dXJlIjoiaHFkSWdDUm9hM1dFRUU1QldJX3lGQ3lSTmlBaVhOYjRCLWtDOEw4ZmFncyJ9LCJ0ZXJtc09mU2VydmljZUFncmVlZCI6dHJ1ZX0","protected":"eyJub25jZSI6IlBPNDdlQWNFMnhEVENScENvOXRl SFdoVWVsUHo1a1pFUWZQdTgtRDdwekZvZEhSd2N6b3ZMMlZ1Y205c2JHMWxNRE11Y0hKdlpDNWliSFV1WkdsbmFXTmxjblF1WTI5dE9qZzBORE0iLCJhbGciOiJFUzI1NiIsImp3ayI6eyJjcnYiOiJQLTI1NiIsImt0eSI6IkVDIiwieCI6IjhCcEFqUUFxUW5TcktMa0NycDBoZ09yQXQ0Z0RSOERKeG5CNlV2MHlXTVkiLCJ5IjoiYlVKcmFQU1 pRYVl5UmlBSDlQYzRUbjNtekdSVVhCcnhHY2YtQl9MbFY3byJ9LCJ1cmwiOiJodHRwczovL2FjbWUuZGlnaWNlcnQuY29tL3YyL2FjbWUvbmV3LWFjY291bnQvZVlCOEZzZV90WFpvMEtVT1pZTndhWWxtYUFpalFUcGxsbDRWOW54SjVXMCJ9","signature":"pcCNrl8HxS55rgs-hHuVZ89NpziXg1SU8MatACsTrrjBw0UF8fdEDhHhly5Lb Yacdtce1Pq7oWSrU3K50xTOnw"} DEBUG: Updated nonce from error response: UhBuCEsArsCbVoAwnlO0lbZ-6TQ7JgA8EYu5Bh00B3BodHRwczovL2Vucm9sbG1lMDMucHJvZC5ibHUuZGlnaWNlcnQuY29tOjg0NDM DEBUG: Response Code 400, Body: {"detail":"eab kId mismatch","status":400,"type":"urn:ietf:params:acme:error:accountDoesNotExist"} New-PAAccount : eab kId mismatch At line:1 char:1 + New-PAAccount -ID "DigiCert-MultiDomain" -ExtAcctKID $($MultiDomainEa ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : OperationStopped: (:) [New-PAAccount], AcmeException + FullyQualifiedErrorId : eab kId mismatch,New-PAAccount PS C:\windows\system32>