Mail notification


#1

Hi! I sucessfully set up a couple of docker web server containers with letsencrypt nginx docker companion and it is all running fine, certs are issued ok and there are no issues with that, but the fact is that I never received a notification from letsencrypt to the email of the LETSENCRYPT_EMAIL variable saying that new certs were done or anything at all.

I am using a stack of jrcs/letsencrypt-nginx-proxy-companion, jwilder/docker-gen and official docker nginx image, is that behaviour normal?

Thanks!


#2

Hi @bcantera,

Currently the e-mail address is only used for expiry warnings (if you don’t obtain a new certificate with the exact same combination of names within a certain period of time before the original certificate is due to expire) and for certain very unusual situations where Let’s Encrypt staff need to get in touch with you for some technical or policy reason (which almost never occurs). There is no e-mail notice of successful certificate issuance because the client application immediately knows that the issuance was successful, among other things because it possesses a copy of the new valid certificate.


#3

Cool, so I will only receive emails for expiring certs, no problem with that. Is it any control panel at letsencrypt to see me currently issued certs? I guess not, but just wondering if it already is or will be.

Thanks a lot for your answers!


#4

There’s not exactly anything like that operated by Let’s Encrypt.

Most ACME clients should have a feature to list the certificates they’re currently managing, which would exclude certificates you have on other servers, and probably certificates you’ve deleted.

Let’s Encrypt submits all certificates to Certificate Transparency logs, so you can list all certificates for your domains, but there isn’t a UI operated by Let’s Encrypt, and if you share your domains with other people you won’t be able to see who issued what.

There are CT search sites like crt.sh (backlogged several days of late), Google and others, and (sometimes paid) monitoring services built atop CT.


#5

Great! That makes a lot more clear idea for me, thanks a lot for this blasting fast answers!


#6

Hi @bcantera

additional: The first expiration warning is sent when your certificate expires in 19 days. So there should be enough time to fix a problem.

If the renew works -> no mails.


#7

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.