Question

Using Let's Encrypt, how do I change the email that SSL certificate renewal emails go to?

Posted April 2, 2018 4.2k views
Let's Encrypt Ubuntu 16.04

When setting up the SSL cert, I provided an email address for lost key recovery and notices, but now I’d like to change that email. What’s the command for doing so? Can I update multiple SSL certs at once? Thanks!

Add a comment
kelseybarmettler
By:
kelseybarmettler
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

1 answer
mnordhoff April 2, 2018

When setting up the SSL cert, I provided an email address for lost key recovery and notices, but now I’d like to change that email.

It depends on which ACME client you’re using.

With Certbot, it’s “certbot register --update-registration -m user@example.com”.

You have to do it with each of your accounts. For example, if you have multiple droplets, or multiple ACME clients installed, and each one asked you for your email address, each one is probably a separate account.

(Having numerous accounts is fine.)

Can I update multiple SSL certs at once?

I’m not sure what you mean. The email address is associated with each account, not each certificate.

Reply Report
  • kelseybarmettler April 2, 2018
    [deleted]
    Reply Report
  • kelseybarmettler April 2, 2018

    With Certbot, it’s “certbot register –update-registration -m user@example.com”.

    Thanks, I am using certbot so this is perfect.

    I’m not sure what you mean. The email address is associated with each account, not each certificate.

    Understood. I misunderstood where the email address was associated and didn’t realize it was account-level instead of cert-level.

    When I used the command to update the email address, I got an unexpected error. I am not sure if sensitive info is included in this error, but it begins as follows:

    UnexpectedUpdate: RegistrationResource(body=Registration(status=None, authorizations=None, agreement=u'https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf',

    More info is in the logfile but I’m not sure which parts are relevant yet. Seems related to service agreement/ terms and conditions?

    Thanks!

    Reply Report
  • kelseybarmettler April 2, 2018

    Thanks, I am using certbot so that’s perfect.

    I had misunderstood where the email address was associated– thought it was at cert level instead of account level.

    When I try to update the email using that command, I get an error that seems related to the terms and conditions. My comment has been rejected as spam twice now when I try to include the partial & redacted error message, so I’m not sure if I can provide more info easily, but if this sounds familiar to you I’d be much obliged for any help.

    Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help