Using Let's Encrypt, how do I change the email that SSL certificate renewal emails go to?

Question

When setting up the SSL cert, I provided an email address for lost key recovery and notices, but now I’d like to change that email. What’s the command for doing so? Can I update multiple SSL certs at once? Thanks!

Answer 1

mnordhoff April 2, 2018

When setting up the SSL cert, I provided an email address for lost key recovery and notices, but now I’d like to change that email.

It depends on which ACME client you’re using.

With Certbot, it’s “certbot register --update-registration -m user@example.com”.

You have to do it with each of your accounts. For example, if you have multiple droplets, or multiple ACME clients installed, and each one asked you for your email address, each one is probably a separate account.

(Having numerous accounts is fine.)

Can I update multiple SSL certs at once?

I’m not sure what you mean. The email address is associated with each account, not each certificate.

Reply Report

kelseybarmettler April 2, 2018

[deleted]
Reply Report
kelseybarmettler April 2, 2018
With Certbot, it’s “certbot register –update-registration -m user@example.com”.

Thanks, I am using certbot so this is perfect.

I’m not sure what you mean. The email address is associated with each account, not each certificate.

Understood. I misunderstood where the email address was associated and didn’t realize it was account-level instead of cert-level.

When I used the command to update the email address, I got an unexpected error. I am not sure if sensitive info is included in this error, but it begins as follows:

UnexpectedUpdate: RegistrationResource(body=Registration(status=None, authorizations=None, agreement=u'https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf',

More info is in the logfile but I’m not sure which parts are relevant yet. Seems related to service agreement/ terms and conditions?

Thanks!
Reply Report
kelseybarmettler April 2, 2018

Thanks, I am using certbot so that’s perfect.

I had misunderstood where the email address was associated– thought it was at cert level instead of account level.

When I try to update the email using that command, I get an error that seems related to the terms and conditions. My comment has been rejected as spam twice now when I try to include the partial & redacted error message, so I’m not sure if I can provide more info easily, but if this sounds familiar to you I’d be much obliged for any help.
Reply Report
- mnordhoff April 2, 2018
  
  I’m afraid not. You might try starting a thread on https://community.letsencrypt.org/ or seeing if you can post it on a pastebin and link that here.
  
  Reply Report
  
  kelseybarmettler April 3, 2018
  
  Thank you, I should have done that right off the bat– here’s the pastebin: https://pastebin.com/fteCHETx
  
  community.letsencrypt.org is my next stop! I did read a thread there that seemed to be this error however the posted solution (adding a domain with the domain flag) didn’t work for me.
  
  Reply Report
  
  mnordhoff April 3, 2018
  
  What version of Certbot are you running?
  
  I’m not certain, but that looks like an issue fixed around Certbot 0.13.0.
  
  https://github.com/certbot/certbot/issues/4330
  
  Reply Report
  
  kelseybarmettler April 3, 2018
  
  I read that issue too and definitely agree, my error was the same. I am running the latest package that is available for Apache on Ubuntu, 0.12.0-1 (xenial). I don’t know if there’s a way for me to update because all I’m really familiar with is using apt-get. So for now I hope that my manual change to the json file at /etc/letsencrypt/accounts/acme-v01.api.letsencrypt.org/directory/<hash>/regr.json sticks!
  
  Reply Report
  
  mnordhoff April 3, 2018
  
  @kelseybarmettler The Certbot PPA has version 0.22.2.
  
  https://launchpad.net/~certbot/+archive/ubuntu/certbot
  
  Reply Report
  
  kelseybarmettler April 3, 2018
  
  Thanks, I didn’t realize that I a later version was available via that site you linked. I was able to update it and the issue is resolved! For posterity I added the repository and upgraded certbot as follows:
  
  sudo add-apt-repository ppa:certbot/certbot sudo apt-get update sudo apt-get install certbot
  
  Then used the command you earlier specified certbot register --update-registration -m user@example.com. Thanks!
  
  Reply Report
  
  kelseybarmettler April 3, 2018
  
  Update: after some searching I saw that there might be a workaround to manually change the email by going to /etc/letsencrypt/accounts/acme-v01.api.letsencrypt.org/directory/<hash>/regr.json and the registered email is right there at the top. Hopefully that works; the commenter who posted said it didn’t seem to for him though…
  
  Reply Report

Answer 2

kelseybarmettler April 2, 2018

[deleted]
Reply Report
kelseybarmettler April 2, 2018
With Certbot, it’s “certbot register –update-registration -m user@example.com”.

Thanks, I am using certbot so this is perfect.

I’m not sure what you mean. The email address is associated with each account, not each certificate.

Understood. I misunderstood where the email address was associated and didn’t realize it was account-level instead of cert-level.

When I used the command to update the email address, I got an unexpected error. I am not sure if sensitive info is included in this error, but it begins as follows:

UnexpectedUpdate: RegistrationResource(body=Registration(status=None, authorizations=None, agreement=u'https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf',

More info is in the logfile but I’m not sure which parts are relevant yet. Seems related to service agreement/ terms and conditions?

Thanks!
Reply Report
kelseybarmettler April 2, 2018

Thanks, I am using certbot so that’s perfect.

I had misunderstood where the email address was associated– thought it was at cert level instead of account level.

When I try to update the email using that command, I get an error that seems related to the terms and conditions. My comment has been rejected as spam twice now when I try to include the partial & redacted error message, so I’m not sure if I can provide more info easily, but if this sounds familiar to you I’d be much obliged for any help.
Reply Report
- mnordhoff April 2, 2018
  
  I’m afraid not. You might try starting a thread on https://community.letsencrypt.org/ or seeing if you can post it on a pastebin and link that here.
  
  Reply Report
  
  kelseybarmettler April 3, 2018
  
  Thank you, I should have done that right off the bat– here’s the pastebin: https://pastebin.com/fteCHETx
  
  community.letsencrypt.org is my next stop! I did read a thread there that seemed to be this error however the posted solution (adding a domain with the domain flag) didn’t work for me.
  
  Reply Report
  
  mnordhoff April 3, 2018
  
  What version of Certbot are you running?
  
  I’m not certain, but that looks like an issue fixed around Certbot 0.13.0.
  
  https://github.com/certbot/certbot/issues/4330
  
  Reply Report
  
  kelseybarmettler April 3, 2018
  
  I read that issue too and definitely agree, my error was the same. I am running the latest package that is available for Apache on Ubuntu, 0.12.0-1 (xenial). I don’t know if there’s a way for me to update because all I’m really familiar with is using apt-get. So for now I hope that my manual change to the json file at /etc/letsencrypt/accounts/acme-v01.api.letsencrypt.org/directory/<hash>/regr.json sticks!
  
  Reply Report
  
  mnordhoff April 3, 2018
  
  @kelseybarmettler The Certbot PPA has version 0.22.2.
  
  https://launchpad.net/~certbot/+archive/ubuntu/certbot
  
  Reply Report
  
  kelseybarmettler April 3, 2018
  
  Thanks, I didn’t realize that I a later version was available via that site you linked. I was able to update it and the issue is resolved! For posterity I added the repository and upgraded certbot as follows:
  
  sudo add-apt-repository ppa:certbot/certbot sudo apt-get update sudo apt-get install certbot
  
  Then used the command you earlier specified certbot register --update-registration -m user@example.com. Thanks!
  
  Reply Report
  
  kelseybarmettler April 3, 2018
  
  Update: after some searching I saw that there might be a workaround to manually change the email by going to /etc/letsencrypt/accounts/acme-v01.api.letsencrypt.org/directory/<hash>/regr.json and the registered email is right there at the top. Hopefully that works; the commenter who posted said it didn’t seem to for him though…
  
  Reply Report

Answer 3

1508atoz January 22, 2021

To update email address,

$ certbot update_account -m YOUR_EMAIL_ADDRESS
e.g. certbot update_account -m me@email.com

Reply Report

Related

Question

Using Let's Encrypt, how do I change the email that SSL certificate renewal emails go to?

Related

Leave a comment

Looking for something else?

Sign up for our newsletter

Related

Question

Using Let's Encrypt, how do I change the email that SSL certificate renewal emails go to?

Related

Leave a comment

Related

question

ERR_SSL_PROTOCOL_ERROR - Website not working

question

SSL set up gives "redirected you too many times."

question

I installed letsencrypt cetificate but which steps do I need to take to renew it when it expires?

question

C'ant type (dot) in terminal

Looking for something else?