Also
“Sign up for our newsletter”
Are you really questioning a free SSL Certificate system when it says something is too complex and not worth it?
If you ever set up a free SSL before LetsEncrypt, you'd know they're amazing and you can trust them not to lie to you, especially about this where they've outlined the reasons clearly.
You are talking of a volume of around 600 000 000 domains (based on a plot on their website) that try to renew at best after 8 weeks. And that's just default profile, there are 160h certs profiles now [0].
You think they will ever send nearly as much as (at least) 75 million newsletter mails weekly? Sendgrid's highest value in their pricing slider is 1,25 mil a week.
> Providing expiration notification emails means that we have to _retain millions of email addresses_ connected to issuance records. As an organization that _values privacy_, removing this requirement is important to us.
A mailing list. Is still retaining emails somewhere. Doesn’t matter if it’s stored in a text file on a usb drive in a vault. It’s still retaining an email list.
All "silent success" detection systems will also silently fail and so they're worse than useless in my experience.
Or you can just periodically renew the certificate on server using Task Scheduler + win-acme or Cron and certbot.
Especially domain wide certs which need DNS auth.
DNS auth would be okish if it was simply tied to a txt entry in the DNS and valid as long as the txt entry is there. Why does LetsEncrypt expire the cert while the acme DNS entry is still there? Which attack vector does this prevent?
Also, why not support file based auth in .well-known/acme-challenge/... for domain wide certs? Which attack vector does that prevent?
In my experience, it takes a little effort to set things up the first time, but from then on it just works.
And I'm sympathetic to the concerns that automating this type of thing is hard - many of the simpler DNS tools - which otherwise more than cover the needs for 90% of users - do not support API control or have other compromises with doing so.
That said, I do think LE's requirements here are reasonable given how dangerous wildcard certs can be.
That's on the DNS provider in my opinion. They can, if they want to, make things easy and automatic for their customers, but they choose not to. There's a whole list of provider-specific plugins (https://eff-certbot.readthedocs.io/en/stable/using.html#dns-...) with many more unofficial ones available (https://pypi.org/search/?q=certbot-dns-*). Generic ones, like the DirectAdmin one, will work for many web hosts that don't have their own APIs.
If you like to stick with whatever domain provider you picked and still want to use Let's Encrypt DNS validation, you can create a CNAME to another domain on a domain provider that does have API control. For instance, you could grab one of those free webhosting domains (rjst01.weirdfreewebhostthatputsadsinyourhtml.biz) with DirectAdmin access, create a TXT record there, and CNAME the real domain to that free web host. Janky, but it'll let you keep using the bespoke, API-less registrar.
I imagine you could set up a small DNS service offering this kind of DNS access for a modest fee ($1 per year?) just to host API-controllable CNAME DNS validation records. Then again, most of the time the people picking weird, browser-only domain registrars do so because it allows them to save a buck, so unless it's free the service will probably not see much use.
That's like saying "why does the government expire my passport/driver's license when I haven't changed my name". That's not how it works; the document is stamped valid for a specific amount of time, and you get a new document with a new expiration time when you renew it.
The certificate from LE will expire automatically 90 days after it was provided, that's why you need to renew it before the 90 days are up.
If you hate setting up automated certificate renewal, you can still get longer-lasting certificates from paid certificate providers. It used to be that you needed to pay a company to generate a certificate for you every year, now you just get the option to have a free one every 90 days.
> Also, why not support file based auth in .well-known/acme-challenge/... for domain wide certs
An ACME challenge file on a web server proves that you control a specific server at a specific domain, so you get a certificate for a specific domain.
A DNS entry proves you control the entire domain, so you (can) get a certificate for the domain.
By uploading a file to tekmol.freewebhost.com, you haven't proven that you control either .freewebhost.com or .tekmol.freewebhost.com. You have just proven that you control tekmol.freewebhost.com.
I took the easier route and let Cloudflare generate and handle certs for my domains. I’m on the free tier. I secure traffic between them and my host with an origin cert. By default those are valid for 15 years.
I know CF is frequently criticised around here, but wanted to mention it as an option.
And it's not just Cloudflare; there are plenty of other redirect-everything-through-a-CDN hosts available. If you don't mind giving Cloudflare control of your website (and barring visitors from countries like India where CGNAT makes everyone fill out CAPTCHAs every page load), this approach will take care of just about everything.
I’ve been impressed with how much I get on the free tier (my sites are small). With the DDoS protections, rate limit, WAF rules, and Turnstile, it feels like I can keep a significant amount of abusive traffic from reaching my host. It’s a pretty compelling tradeoff for me, anyway.
Not for much longer, the maximum lifetime of a public certificate will progressively go down to 47 days by March 2029.
> That's like saying "why does the government expire my passport/driver's license when I haven't changed my name". That's not how it works; the document is stamped valid for a specific amount of time, and you get a new document with a new expiration time when you renew it.
But Let's Encrypt doesn't charge anything. All they want is to confirm that you still control the domain. So why doesn't "the DNS record they had you add to begin with is still there" satisfy that requirement and allow you to repeatedly renew the certificate until it stops being there?
Tie the DNS challenge to the public key in the certificate. Then as long as it hasn't changed you can update the certificate without giving the update process modify access to the DNS server.
The solutions exist, depensa on the providers and your client.
An attacker should not gain the ability to persistently issue certificates because they have one-time access to DNS. A non-technical user may not notice that the record has been added.
> Also, why not support file based auth in .well-known/acme-challenge/... for domain wide certs? Which attack vector does that prevent?
Control over a subdomain (or even control over the root-level domain) does not and should not allow certificate issuance for arbitrary subdomains. Consider the case where the root level domain is hosted with a marketing agency that may not follow security best practices. If their web server is compromised, the attacker should not be able to issue certificates for the secure internal web applications hosted on subdomains.
#!/usr/bin/env bash
cert_check() {
server=$1
host=$2
port=$3
str=`ssh "$server" "echo | openssl s_client -servername $host -connect localhost:$port | openssl x509 -noout -checkend 604800"` || true
if ! echo "$str" | grep -q 'Certificate will not expire' ; then
echo "$str" | ./send-email.py "Certificate \"$host\" on $server will expire in 7 days" \
fi
}
cert_check name myserver.com 443I don't begrudge people writing a tool to learn, but it should be noted that this wheel has already been invented:
* https://github.com/matteocorti/check_ssl_cert
* https://exchange.nagios.org/directory/Plugins/Security/check...
Risk of private keys/certificates from old backup media being leaked (remembering the adobe password leak...) and then suddenly coming back online and working until someone figures out how to revoke them
It also helps with things such as change of ownership so after a certain period of time you can have the peace of mind that certs potentially issued by the previous owners are not lingering around as active (I understand things such as revoking and pinning can help with this too but It's nice to have a plain time based expiry too).
You revoke a certificate when you believe that it might have been compromised. Expiring certificates helps protect you when you've unknowingly been compromised.
So let's say that one of your employees accidentally pushed a private key for one of your certificates up to GitHub and you notice it. That's when you should immediately rotate that certificate and revoking the old one.
Now let's say that the same thing happened but you didn't notice. That's where the certificate expiring comes into play. For a Lets Encrypt certificate there's currently going to be a maximum of 90 days where someone could find that private key and work out a way to exploit it, after that period the certificate would have expired and no longer be being used.
Improvements can be changes to cryptographic algorithms, like "Don't use SHA-1" or to the nuances of the certificate document like "Don't use this X509 feature" or to the CA infrastructure like "Don't issue certificates for names which don't exist".
Shortened certificate lifetimes improve agility by bringing forward that horizon. We can say "Stop doing X by August" tomorrow, and by Christmas 2026 there are no trusted end entity certificates which relied on X. A few years ago that took 3-5 years, at the turn of the century it was more than a decade and we repeatedly paid a price for that.
Yet it was still valuable to find those that fell through the cracks. At work, the emails prevented a couple of outages by expired cert, because a dev that left was renewing them by hand and we only found out when they left and the catch-all started to bubble them up to support.
Things fall through the cracks, or people are in a pinch and just forget to add the cert to the in-house monitoring system. The emails were a wonderful failsafe.
I wish I could just query LE to tell me all existing certain where the account is under my domain name. Extremely helpful to assemble a SBOM.
It's a valuable service for the average person to get these emails without having to set up separate monitoring
> For those who would like to continue receiving expiration notifications, we recommend using a third party service such as Red Sift Certificates Lite (formerly Hardenize). Red Sift’s monitoring service providing expiration emails is free of charge for up to 250 certificates. More monitoring options can be found here.
leakycap•6h ago
> Providing expiration notifications costs Let’s Encrypt tens of thousands of dollars per year, money that we believe can be better spent on other aspects of our infrastructure.
Appreciate the honesty (they had other reasons, too! but emails are a pain and expensive at their scale)
amenghra•4h ago
tuananh•3h ago
tom1337•3h ago
bbarnett•2h ago
And worse of all, worry about Apple and Google's arbitrary rejections?
This seems far more costly than email. Just having one dev keeping those apps going, is likely 20x or more than their email costs per year.
Hamuko•3h ago
nikolayasdf123•2h ago
bayindirh•2h ago
Pushover is $5 once for personal use, ntfy.sh can be completely self-hostable if you prefer.
I have written a small tool which utilizes pushover for these reasons.
You can receive the notifications on your browser/mobile for free afterwards.
0x073•1h ago
So it's even work if you don't have control about the le client.
unilynx•1h ago
bayindirh•2m ago
genewitch•3h ago
leakycap•3h ago
That's the point
jbverschoor•2h ago
szszrk•2h ago
udev4096•1h ago
lukan•1h ago
Because companies are for profit usually and any donation they make reduces that profit. That's why open source projects that can offer service contracts, have a easier time getting money from the buisness world, because this is something bookkeeping people understand in the corporate language.
jeroenhd•2h ago
LE just isn't interested in maintaining such a service. Sending them money won't make them interested all of the sudden; that money can be spent better on setting up an independent free alternative.
heartoffoo•22m ago
pydry•1h ago
KaiserPro•43m ago
Its not only the service cost, but as they say, it costs engineering hours, which could be spent elsewhere.
Moreover, SSL cert age check should be something you're looking out for, or letting certbot restart your service for you.