Create an ACME account

The PREREGISTER action creates an ACME account with its external account binding (EAB) details. These details consist of a MAC Key (eabMACKeyb64url) and a Key ID (eabMACIDb64url). For each ACME account created this way, the acmeAccountID is set to the same value as the eabMACIDb64url.

Once an initial ACME account has been created, an ACME client may complete account registration via newAccount using the existing EAB details. These EAB details can be re-used to register multiple ACME accounts. Each new ACME account created in this way will share the same EAB details but will have a different acmeAccountID. The command to complete account registration via newAccount depends on the chosen ACME client and can be found in the vendor’s documentation

Some ACME clients allow you to register an ACME account, request a certificate, and validate the domain name all in a single ACME client command.

Be aware of security risks when setting up multiple ACME accounts that share the same external account binding (EAB) credentials.

The following diagram illustrates the relationship between EAB credentials, ACME accounts, and domains:

The creation of ACME accounts does not initiate a subscription and may be done at any time.

Before registering an ACME account, you must know which Sectigo ACME server URL you want to use. To see the ACME servers available to you, List ACME servers.

Action: PREREGISTER

Variable Name Type Max. Length Description

Variable Name	Type	Max. Length	Description
`loginName`	string	64 chars	Your account username. This value is case sensitive.
`loginPassword`	string	128 chars	Your account password. This value is case sensitive.
`action`	string	30 chars	The action to be taken. In this case, the value is: `PREREGISTER`.
`serverUrl`	string	32 chars	The sectigo ACME server to be used. Available ACME server URLs can be fetched using `LISTSERVERS` action.

loginName

string

64 chars

Your account username.

This value is case sensitive.

loginPassword

string

128 chars

Your account password.

This value is case sensitive.

action

string

30 chars

The action to be taken.

In this case, the value is: PREREGISTER.

serverUrl

string

32 chars

The sectigo ACME server to be used.

Available ACME server URLs can be fetched using LISTSERVERS action.

Sample request

curl --location --request POST 'https://secure.trust-provider.com/products/!ACMEAdmin' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'loginName=loginName' \
--data-urlencode 'loginPassword=loginPassword' \
--data-urlencode 'action=PREREGISTER' \
--data-urlencode 'serverURL=https://acme.sectigo.com/v2/DV'

Success response

{
  "Accounts": [
    {
      "acmeAccountID": "ABc_123xYZ456",
      "accountStatus": "pending",
      "eabMACKeyb64url": "ghM4321abc_D8765xyZ",
      "eabMACIDb64url": "ZyX321_abc654DeF1"
    }
  ]
}