Changing email address for mails from Let's Encrypt Expiry Bot

Hi,
We had an employee who created certificates via Let's Encrypt.
This user no longer works with us, but emails are still sent from Let's Encrypt to his address.
I would like to change it for all the domains relevant to his account (one for example: showmoreabout.com/).
None of us ever here in the company used Let's Encrypt and I have found no way to really enter any web-based control panel. Am I missing something?

Thanks,
Elad

1 Like

There's no web-based control panel, all interaction with Let's Encrypt is done through the ACME client, which is a program that usually runs on the web server itself and handles requesting and installing certificates automatically. So, you need to figure out which client is being used (there are a lot of possibilities, though certbot is probably most likely if your servers are on Linux), and run some command to have that client update your Let's Encrypt account email address. (There's an example for certbot at the bottom of the Expiration Emails documentation page.)

Though it's somewhat concerning that you see expiration emails at all, since that implies that either your automated renewals aren't working right, or you recently added or removed a domain name from a certificate.

2 Likes

Welcome to the Let's Encrypt Community, Elad :slightly_smiling_face:

In addition to what @petercooperjr correctly stated, I'd like to add that if you can determine which ACME client software is being used to acquire your certificates and that software does not enable you to update your ACME account email address, it may be possible to extract the private key and account URL for your ACME account from that software's data files and import it into another ACME client (like CertSage, which I authored) that enables you to update your ACME account email address.

For now, if you want information about your certificate expiration dates, you can use https://crt.sh to lookup all of the Let's Encrypt certificates issued for your domain name(s).

YES:

You should have had them write down what they did and how before letting them go.
That said, it is NOT impossible to figure it out.
Q #1 Do you have root access to the web server?

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.