- Let’s Encrypt will interrupt the expiration emails of the certificate from June 2025
- He says that most users have automated renewals anyway
- Move will also see the organization will remove millions of e-mail addresses from its database
Let’s Encrypt has revealed that it will no longer inform the administrators of websites when their SSL / TLS certificates will be about to expire. Although it looks like problems – it seems to be a good thing.
The news was confirmed by the executive and co-founder director of the company, Josh AAS, in a blog article, noting that the notifications by e-mail will cease to be released on June 4, 2025, citing four key reasons. The first is that an increasing majority of subscribers have a renewal of automated certificate, reliably, rendering the service somewhat obsolete.
The second reason is to reduce costs – the supply of expiration notifications costs the organization “tens of thousands of dollars a year,” said AAS, adding that money could be better spent elsewhere.
Protect user confidentiality
“The provision of expiration notifications adds complexity to our infrastructure, which takes time and attention to manage and increase the probability that errors are made,” he said in the article. “In the long term, especially when we add the management of new service components, we must manage the overall complexity by removing the components of the system which can no longer be justified.”
However, the fourth reason is particularly interesting because it essentially protects the confidentiality of users. The sending of e-mail notifications also means that the organization must maintain millions of email addresses linked to emission recordings. “As an organization that values ​​confidentiality, the abolition of this requirement is important to us.”
In other words, Let’s Encrypt will remove millions of e-mail addresses from its database, reducing the risk that these emails will be torn off by a threat actor.
For those who wish to continue to receive notifications by e-mail, Let’s Encrypt suggests using a third-party service such as Red Soft Certificate Lite, which is free for up to 250 certificates.
Let’s Encrypt is a free, automated and open certificate authority (CA) which provides SSL / TLS certificates to websites. It helps encrypt web traffic, guaranteeing secure connections between users and websites (HTTPS).
