1

I am trying to update the old email address which was being used to recieve expiry notification from the amazing Letsencrypt. However, I did not find a way to do it amazingly :O.

What I did try however: I deleted the old certificate in the hope that certbot would have asked me regarding the new email but the fact it didn't (poor me)

I deleted the old certificate using this command

certbot delete

then I chose the domain which I would like to delete.

Then I regenerate a new letsencrypt certificate which was a success no errors found and the website was still online without any further certificate issue (prost to that!):

sudo certbot certonly --nginx -d thecompany.com

But then however, CERTBOT did not ask me for a new email address! (omg!)

And now I don't know what to do, feels like banging my head to the wall won't help, so, I let my fingers dance on my keyboard and asked this question to the nicest folks at here :).

Many thanks!

busythomas
  • 91
  • 2
  • 9

2 Answers2

4
--update-registration

is no more a valid argument, the below command worked for me to update/change the email id.

sudo certbot update_account -m <mail_id>

Below is the snippet of the sudo certbot --help command about manage accounts.

manage your account:
    register        Create an ACME account
    unregister      Deactivate an ACME account
    update_account  Update an ACME account
    show_account    Display account details
  --agree-tos       Agree to the ACME server's Subscriber Agreement
   -m EMAIL         Email address for important account notifications
skg
  • 71
  • 1
  • 5
2

According to the documentation:

--update-registration
                    With the register verb, indicates that details
                    associated with an existing registration, such as the
                    e-mail address, should be updated, rather than
                    registering a new account. (default: False)
-m EMAIL, --email EMAIL
                    Email used for registration and recovery contact. Use
                    comma to register multiple emails, ex:
                    u1@example.com,u2@example.com. (default: Ask).
Gerald Schneider
  • 23,274
  • 8
  • 57
  • 89
  • hey thanks for the quick answer. I was looking at the doc but I was hesitate because I have multiple domains here, so if I ran the update using the command above, would it update the email addresses for other domains as well? I expect not ... – busythomas Dec 06 '18 at 07:56
  • 1
    AFAIK the mail address is bound to the account, not to a domain. So yes, this will affect all certificates registered with that account. – Gerald Schneider Dec 06 '18 at 08:01
  • so, in my situation, this one server was maintained by another system admin who is already not working anymore and he could not be contacted. I am now concerned...what is mean with account? can I know how to get more info about this account, such as which domains are related to the account? – busythomas Dec 06 '18 at 08:05
  • 1
    Again, quote from the documentation: `To view a list of the certificates Certbot knows about, run the certificates subcommand`. If that lists all certificates bound to the account, or only the ones on the server certbot runs on, I don't know. – Gerald Schneider Dec 06 '18 at 08:07
  • thanks for your answer. One more thing, the question above was for server A, I am managing another server (B). I generated letsencrypt cert on server B with email letsencrypt@thecompany.com. Then I tried to update the registration on server A, and yes, certbot told me it has successfully changed the email address to letsencrypt@thecompany.com, however, at the next line it saysthat it has failed to subscribed letsencrypt@thecompany.com, I dunno if this is the normal expectation? – busythomas Dec 06 '18 at 14:52