Let’s Encrypt ends expiration notification emails, citing privacy, cost, and complexity

Let’s Encrypt has announced it will no longer send email notifications about expiring certificates. The nonprofit Certificate Authority (CA) officially implemented this change on June 4, 2025, and detailed the decision in a blog post.

Let’s Encrypt, which provides free and automated SSL/TLS certificates for enabling HTTPS on websites, is among the world’s largest certificate authorities. The organization says the decision to discontinue expiration emails is driven by rising operational costs, increasing privacy concerns, and efforts to simplify its infrastructure.

“Over the past 10 years, more and more of our subscribers have been able to put reliable automation into place for certificate renewal,” the organization said. “It no longer makes sense to continue maintaining this notification system.”

Let’s Encrypt had been storing millions of user email addresses to support the service, a practice that it now sees as contrary to its core privacy values. Eliminating the email notification system also reduces operational complexity and saves tens of thousands of dollars annually, resources the organization says can be redirected toward improving infrastructure and supporting new service components.

Let’s Encrypt said it has deleted the email addresses it previously stored via the ACME API. Furthermore, any email addresses submitted through ACME will not be stored or linked to issuance records. Instead, they will be forwarded to the Internet Security Research Group (ISRG) mailing list system, which is separate from certificate issuance data.

“If the email address has not been seen before, that system may send an onboarding email with information about how to subscribe to various sources of updates,” the organization said.
