- cross-posted to:
- [email protected]
- [email protected]
- cross-posted to:
- [email protected]
- [email protected]
Since its inception, Let’s Encrypt has been sending expiration notification emails to subscribers that have provided an email address to us. We will be ending this service on June 4, 2025. The decision to end this service is the result of the following factors:
- Over the past 10 years more and more of our subscribers have been able to put reliable automation into place for certificate renewal.
- Providing expiration notification emails means that we have to retain millions of email addresses connected to issuance records. As an organization that values privacy, removing this requirement is important to us.
- Providing expiration notifications costs Let’s Encrypt tens of thousands of dollars per year, money that we believe can be better spent on other aspects of our infrastructure.
- Providing expiration notifications adds complexity to our infrastructure, which takes time and attention to manage and increases the likelihood of mistakes being made. Over the long term, particularly as we add support for new service components, we need to manage overall complexity by phasing out system components that can no longer be justified.
You must log in or register to comment.
OP, can you please remove the four spaces preceding each paragraph in your post? That syntax is for code formatting. It triggers a monospace font and puts each paragraph into a single line, forcing readers into painstaking horizontal scrolling to be able to read each one. It’s like trying to read a book through a keyhole.
Fixed it now, I didn’t realize that the copy and paste had those spaces in front.
Thanks!
Could be your client. With Sync it properly word wraps, and for myself I actually find this font easier to read
My “client” is Lemmy’s native UI, and is rendering it correctly according to markdown and html specs. If your client is wrapping it or using a variable-width font, then that’s convenient for you in this case, but it’s violating the spec. (This is somewhat common in mobile apps, so I guess you’re reading on a phone.)
Sync markup/rendering is presently a semi-completed conversion from reddit’s and it’s functional enough.
It is not the client, that it is actually how markdown works. Every markdown guide specifically tells to avoid this indentation because its meant for code blocks which by default do not wrap text lines.
They’re talking specifically about the word wrapping. Note in their screenshot it is properly rendered in monospace code block font.
I know, clients not wrapping lines in codeblocks are also “rendering properly”. Wrapping it’s up to the client’s parser, reason why I noted to use the aproppriate syntax regardless.
Readable on Voyager as well.
EDIT: Not to say it looks good, but it’s readable.
The syntax colouring, really doesn’t help though. Standard font looks better for text blocks than a code block.
If it was actually code that isn’t the correct behavior. Code doesn’t line wrap, because line breaks mean something in most languages, so introducing virtual line breaks causes confusion.
Since its inception, Let’s Encrypt has been sending expiration notification emails to subscribers that have provided an email address to us. We will be ending this service on June 4, 2025. The decision to end this service is the result of the following factors:
-
Over the past 10 years more and more of our subscribers have been able to put reliable automation into place for certificate renewal.
-
Providing expiration notification emails means that we have to retain millions of email addresses connected to issuance records. As an organization that values privacy, removing this requirement is important to us.
-
Providing expiration notifications costs Let’s Encrypt tens of thousands of dollars per year, money that we believe can be better spent on other aspects of our infrastructure.
-
Providing expiration notifications adds complexity to our infrastructure, which takes time and attention to manage and increases the likelihood of mistakes being made. Over the long term, particularly as we add support for new service components, we need to manage overall complexity by phasing out system components that can no longer be justified.
Much easier to read
Ah thanks for pointing it out, I fixed the formatting.
-
Well that kind of sucks. I wish they had more tutorials about how to automate then because if you’re not using http-01 via certbot due to port 80 being blocked, which if you’re on a residential line it’s pretty common, so then you have to use dns-01 and manual hooks which isn’t exactly clear for and documented well.
What manual hooks? All the systems I’ve used LE certs in have supported fully automatic DNS challenges.
Can’t speak for OP but they can’t seem automate my network solutions DNS through plugins.
I don’t know why in the hell they are such sticklers about wild card domains. Just let me off it on any working domain, hell, force me to author on this is my wildcard.Mydomain.com. the DNS authorization is an unnecessary
I mean that’s just another item in the long list of reasons you should not be using Network Solutions.
You’re not wrong, but they don’t support quite a lot.
Their are multiple different way u can configure certbot to verify.
And DNS is the only one available for wild card and unless you’re using a plug-in capable DNS service, They suck at it.
Sigh, yeah I know that and that’s not the point I was making but sure.
If you use Caddy with ACME DNS, all of this can be automated.
If you also use Cloudflare, you can do that + traffic routing with cloudflared without any need for port forwarding .
Using nginx with certbot and duck DNS and I ended up using the manual option with a authentication, clean up, and post bash scripts and then final script that I called from chron job that called the scripts every three months.
Just from a beginning user of let’s encrypt, and while a software developer I’m not versed in backend development, and I found the documentation to be a bit hit or miss, understandable with a plethora of open source projects. Using certbot, because that’s the rabbit hole let’s encrypt first send you down, the documentation while available isn’t easy to navigate in my opinion and it took me a while to track down the variables used to pass down the text and the bulk examples found were all using http-01.
I just think that if your not someone with a background in tech, just wanting to get a server to and running with ssl following a bunch of other tutorials and guides, it could be a bit better to get adoption.
Is that mostly for ISPs running CGNAT?
Change is hard, I get it, if this change is upsetting, I’d personally figure out the automation piece. it took me a bit but after getting it going it’s rock solid. If using Linux of some flavor, acme.sh works really well.
It’s not just figuring out the automation. If they don’t have a plug-in for your DNS provider, and you need a wild card, that automation gets kind of dicey.
Agreed.
For us the mitigation is to do a little monitoring with alerts set to start casually at 29 days out and enter critical 13 days out (out from expiry).
I’ll end up with a nagios alarm with an x509 check
emails
Needs a [sic] in there.
deleted by creator
Oh no, the free service is going to make you put a reminder on your calendar.
Novel concept, how about they let me pay them to remind me.
I think uptime Kuma can be configured to look for expiring certs
I actually think it’s set by default. If there’s a cert it gives you the expiration.
It’s twoo, it’s twoo
