Let’s Encrypt has been providing free “wildcard” certificates for websites for nearly seven years, enabling HTTPS connections for millions of domains and doing the whole Internet a real solid.
Now the nonprofit is ending a useful service, but in an exceedingly rare happenstance, it’s probably a good thing for everyone. Starting June 4, 2025, Let’s Encrypt will no longer notify its subscribers that their certification is about to expire and needs renewal. Some hosting providers automatically obtain and manage certificates from Let’s Encrypt, so there’s not much for them to do. Everyone else will have to do something, and likely it will still be free and automated.
Let’s Encrypt is ending automated emails for four stated reasons, and all of them are pretty sensible. For one thing, lots of customers have been able to automate their certificate renewal. For another, providing the expiration notices costs “tens of thousands of dollars per year” and adds complexity to the nonprofit’s infrastructure as they are looking to add new and more useful services.
If those were not enough, there is this particularly notable reason:
Providing expiration notification emails means that we have to retain millions of email addresses connected to issuance records. As an organization that values privacy, removing this requirement is important to us.
Let’s Encrypt recommends using Red Sift Certificates Lite to monitor certificate expirations, a service that is free for up to 250 certificates. The service also points to other options, including Datadog SSL monitoring and TrackSSL.
Source link
