Skip to content

Re-subscribe to Let’s Encrypt Renewal Reminder Emails

Let’s Encrypt will automatically email expiration notices when your domain’s SSL certificate is coming up for renewal at 20 days, 10 days, and 1 day before the expiration date. (Recently, I received notices at 19 days and again at 10 days.)

3221letsencryptexpirationI’ve found these renewal reminders very helpful because in the past, they’ve told me that the certificate auto-renewal process I had created (see Free SSL Certificate from Let’s Encrypt for Nginx) was broken. (Initially, I had attempted to setup the auto-renewal process to execute as a non-root user, but frequent updates requiring root access kept breaking it. I ended up configuring the auto-renewal to use root access.)

The renewal email body contains a link with the title “If you want to stop receiving all email from this address, click…” at the end. Unfortunately, the link is very long, taking up 3 to 4 lines of text (on my screen) and making it easy to click on by accident. More unfortunate, clicking on the link will disable the sending of expiration reminders to your email address for all domain certificates, not just the particular domain certificate in question. This change cannot be undone; you cannot re-register the same email address.

However, there is a re-registration workaround documented at Let’s Encrypt’s Expiration Emails page. The workaround takes advantage of how most email services will ignore the plus symbol and whatever follows it in an email address. For example, “myuser+1@mydomain.com” is treated the same as “myuser@mydomain.com”.

To re-subscribe your email address, run the command below in your certbot installation directory. (You will be prompted to input your sudo password if necessary.)

$ cd certbot
$ ./certbot-auto register --update-registration --email myuser+1@mydomain.com

Requesting to rerun ./certbot-auto with root privileges...
Saving debug log to /var/log/letsencrypt/letsencrypt.log

-------------------------------------------------------------------------------
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'
d like to send you email about EFF and
our work to encrypt the web, protect its users and defend digital rights.
-------------------------------------------------------------------------------
(Y)es/(N)o: N

IMPORTANT NOTES:
 - Your e-mail address was updated to myuser+1@mydomain.com.

The community support page, Accidentally Unsubscribed, mentions an alternative workaround using LetsMonitor.org. LetsMonitor.org appears to be an external website which periodically checks the expiration date on your domain’s SSL certificate. I haven’t tried it but I don’t see any reason why it wouldn’t work.

Leave a Reply

Your email address will not be published. Required fields are marked *