From June 4, 2025, Let's Encrypt will no longer send you emails to notify you when your SSL/TLS certificates have expired. This change, which may seem surprising, is actually excellent news for system administrators, web hosts and site owners. In this article, we'll look at why this decision simplifies certificate management and improves security.
At LRob, our web hosting offers already integrate Let's Encrypt and automate SSL certificate management, guaranteeing HTTPS always works without manual intervention.
Let's Encrypt: a key player in free and automatic SSL/TLS
Let's Encrypt is a certification authority that provides free SSL/TLS certificates. It enables millions of sites to display the famous security padlock in browsers and ensure an encrypted HTTPS connection.
Until now, if you used Let's Encrypt, you automatically received emails to warn you that your certificates were about to expire. But this feature will disappear.
Why Let's Encrypt removes expiration notifications
Let's Encrypt announced that expiry notifications will be deactivated as of June 4, 2025.
Here are the main reasons:
1. Automating SSL certificates has become the norm
Ten years ago, renewing a certificate was often a manual process. Today, all good web hosts and system administration tools offer automatic renewal, which makes expiration emails useless.
At LRob, all Let's Encrypt certificates are renewed automatically to avoid any interruption in service. For customers using wildcard certificates, renewal remains automated as long as the site uses our DNS servers.
2. Notifications that are often unnecessary or misleading
Expiration emails had several disadvantages:
- Certificates replaced but still notified If you regenerated a certificate for reason X or Y, you could receive an alert for a certificate that was no longer in use.
- Emails ignored or misinterpreted Alerts could confuse accommodation owners, who didn't always understand what they were about.
3. Improved protection of personal data
Let's Encrypt stored millions of email addresses just to send these alerts. By removing this feature, the organization is strengthening the protection of users' privacy.
4. Reducing costs and complexity
Manage these notifications represented tens of thousands of dollars a year in costs for Let's Encrypt. These resources will now be allocated to improving the service's infrastructure and reliability.
How do you ensure that your SSL certificate remains active?
Are you an LRob customer? Good news: you don't have to do a thing.
Our web hosting services automatic renewal of your Let's Encrypt certificates and alert you to any anomalies. What's more, we monitor hosted domains so that we can alert you before expiration in the event of non-renewal. You don't have to worry about expiries.
What's more, we use a 4096-bit RSA encryption key instead of the default 2048, for greater security of data exchanged between visitors and your websites.
Using an SSL monitoring service
If you manage your certificates outside LRob, we recommend setting up SSL monitoring, such as :
- Red Sift Certificates Lite (formerly Hardenize) Free for monitoring up to 250 certificates.
- Uptime Kuma or Cert Spotter Tools to monitor the status of your certificates and receive alerts when they expire.
Conclusion: Simplification benefits web hosting
The end of Let's Encrypt expiration notifications is a logical evolution: Certificates are now automated, and monitoring solutions make up for any oversights.
With our web hosting offersWith Let's Encrypt, we guarantee that HTTPS is always active and hassle-free. Are you looking for a hosting provider that integrates Let's Encrypt and manages everything for you? Then join us!
Leave a Reply