Below updates email in certbot
sudo certbot update_account --email updated_email@example.com
How to view email in certbot?
How to view & update email in letsencrypt.org with respect to certificate expiring emails.
yes, I know certbot & letsencrypt.org are different but that does not solve my problem.
At least help on viewing existing email of registered domains on my server.
1 Like
_az
January 4, 2020, 8:27am
2
I don't think that Certbot provides any way to show the contact email for your Let's Encrypt ACME account.
It is possible in theory, but it would involve modifying Certbot or using/creating a different program.
The expiration emails are sent to the contact address of your Let's Encrypt ACME account, which is the same as what you input to Certbot.
Had you run the command you suggested in (1), all future expiration emails would be sent to updated_email@example.com
.
1 Like
One of the JSON files in /etc/letsencrypt/accounts/
contains what Certbot thinks your account’s email address is.
Certbot’s log files will also include it.
However, Certbot’s local information can become out-of-date if you do something complicated like copy your account files to a second server and then use “certbot update_account
” on one of the servers to change the address.
_az
January 4, 2020, 9:05am
4
As an addendum, the below Python script will fetch your current email address from the Let's Encrypt ACME server, using the account key from Certbot:
#!/usr/bin/env python
from acme.client import ClientV2
from acme.client import ClientNetwork
from acme import messages
import josepy as jose
from glob import glob
with open(glob('/etc/letsencrypt/accounts/acme-v02.api.letsencrypt.org/directory/*/private_key.json')[0], 'rb') as f:
key = jose.JWK.json_loads(f.read())
with open(glob('/etc/letsencrypt/accounts/acme-v02.api.letsencrypt.org/directory/*/regr.json')[0], 'r') as f:
regr = messages.RegistrationResource.json_loads(f.read())
net = ClientNetwork(key)
directory = messages.Directory.from_json(net.get("https://acme-v02.api.letsencrypt.org/directory").json())
client = ClientV2(directory, net)
client.net.account = regr
resp = client._post(regr.uri, None)
print(resp.json()['contact'])
e.g.
$ python view-email.py
['mailto:me@my-domain.com']
Is it in regr.json
on your system? The systems I run it on have only recorded the account URI.
In a similar vein, I couldn't find any way to trick Certbot to query the registration so that it would get reflected in its logfile.
4 Likes
Yup! Maybe it's changed. On one installation I have something like:
{"body": {"status": "valid", "contact": ["mailto:
user@example.com "], "agreement": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "key": {
... }, "uri": "https://acme-staging-v02.api.letsencrypt.org/acme/acct/
12345678", "terms_of_service": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf"}
For me, the stuff from regr.json
gets logged in the Account
object repr()
in the "DEBUG:certbot._internal.main:Picked account:" lines of the logs.
_az
January 4, 2020, 8:02pm
6
mnordhoff:
Maybe it’s changed
Looks Certbot stopped saving it since 0.26.0 - Update and delete registration with account reuse (#6174) · certbot/certbot@83f7e72 · GitHub
strip unnecessary items from regr before saving
2 Likes
system
Closed
February 3, 2020, 8:02pm
7
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.