Updates on Lets Encrypt Subscriber Agreement & Ending Expiration Notification

I’ve posted this for awareness. I’m just pondering whether there’s any impact.

Hi,

As a Let’s Encrypt Subscriber, you benefit from access to free, automated TLS certificates. One way we have supported Subscribers is by sending expiration notification emails when it’s time to renew a certificate.

We’re writing to inform you that we intend to discontinue sending expiration notification emails. You can learn more in this blog post. You will receive this reminder email again in the coming months:

Ending Support for Expiration Notification Emails - Let's Encrypt

Here are some actions you can take today:

Automate with an ACME Client that supports Automated Renewal Information (ARI). ARI enables us to automatically renew your certificates ahead of schedule should the need arise:

An Engineer’s Guide to Integrating ARI into Existing ACME Clients - Let's Encrypt

Sign up for a third-party monitoring service that may provide expiration emails. We can recommend Red Sift Certificates Lite, which provides free expiration emails for up to 250 active certificates:

Never miss an expiring certificate with Red Sift Certificates Lite

Opt in to emails. While we are deprecating expiration notification emails, you can opt in to continue to receive other emails. We’ll keep you informed about technical updates, and other news about Let’s Encrypt and our parent nonprofit, ISRG, based on the preferences you choose:

Sign up for emails - Let's Encrypt

In accordance with this change, we are updating our Subscriber Agreement, effective 24 February 2025. This is the agreement that governs the relationship between you and ISRG with regards to your acquisition and use of SSL/TLS digital certificates issued by ISRG (via Let’s Encrypt). You don’t need to take any action to continue to use the Let’s Encrypt service but we encourage you to review the new agreement. You can find the latest agreement (v1.5) here:

Policy and Legal Repository - Let's Encrypt

If you are receiving this email in error, unsubscribe at:
You've been unsubscribed

All the best,
Let’s Encrypt

This won’t really affect most users - Sympl will continue to renew certs where it can, and a planned upcoming refresh of sympl-ssl will include further functionality such as revoking old certificates and wildcards, and support for ARI as well as notices for certs that couldn’t renew for some reason.

1 Like

Sounds great. So presumably the refreshed release of Sympl will coincide with the release of Debian 13? Do we have a ball park for release of Deb 13?

Likely before late summer.