Let’s Encrypt, the nonprofit certificate authority that provides free SSL/TLS certificates to secure websites with HTTPS, has officially stopped sending out email notifications about upcoming certificate expirations.
The change went into effect on June 4, 2025, but the organization only recently shared the update through a blog post to inform users and minimize service disruptions.
The decision to sunset expiration reminder emails was driven by several factors, including rising operational costs, increased infrastructure complexity, and growing privacy concerns. According to Let’s Encrypt, maintaining the email system costs tens of thousands of dollars annually — funds that could be better used to support core infrastructure improvements. The organization also noted that handling large volumes of email alerts adds unnecessary strain to its systems and increases the risk of operational errors.
Privacy was another key concern. Managing a large database of email addresses linked to certificate issuance records means storing sensitive user data, which contradicts Let’s Encrypt’s principle of minimizing data retention wherever possible. As the organization continues to scale and add more services, reducing internal complexity has become a long-term priority.
A major reason this change may not significantly impact most users is the widespread adoption of the ACME protocol (Automatic Certificate Management Environment), which allows servers and hosting providers to automate certificate issuance and renewal. Let’s Encrypt has long encouraged automation, and the industry is moving in that direction, especially with upcoming changes such as the CA/Browser Forum’s plan to shorten certificate lifespans to just 47 days by 2029. This will make manual renewal workflows not only inefficient but virtually unsustainable.
Users who still rely on email notifications are advised to adopt automated renewal tools as soon as possible. Those who need alerts can set up their external notification systems, independent of Let’s Encrypt. The goal is to ensure continued HTTPS coverage without depending on manual reminders, which are now considered obsolete in the modern certificate management ecosystem.
Let’s Encrypt remains one of the largest and most trusted certificate authorities in the world, backed by major tech companies and supported in all major browsers and operating systems.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
While the decision to stop email reminders may inconvenience some, it reflects a broader industry shift toward automation, stronger privacy practices, and more sustainable infrastructure.
