37

The email address used as the admin email when we started using let's encrypt needs to be modified (a former employee used his personal email address as the admin email and he is no longer with the firm). What steps need to be taken to get that modified (we can get the former employee to confirm this). We need to remove his personal email address and replace it with a new email address. This will be used for key recovery actions. In either case, I would like the former employee's personal email address to be removed. What steps do I need to take to accomplish this (if my understanding of the process is incorrect, kindly point me to the right direction). Thanks in advance.

ali haider
  • 1,190
  • 3
  • 16
  • 30

5 Answers5

65

Use: 

certbot-auto register --update-registration --email new_email@example.com

or

certbot register --update-registration --email new_email@address.org

or 

certbot update_account --email yourname+1@example.com

certbot-auto or certbot will work if you have the executable under /usr/sbin. If you're unable to call certbot-auto globally, use the path to the certbot-auto file.

Source: https://letsencrypt.org/docs/expiration-emails/

Pablo A
  • 210
Ralph
  • 952
16

Update based on https://letsencrypt.org/docs/expiration-emails/

certbot update_account --email yourname+1@example.com

Before This is just an update on n3rve's answer, since certbot-auto didn't work for me:

certbot register --update-registration --email new_email@address.org
lupo
  • 161
13

There is also a contact email address stored by the python letsencrypt client under: /etc/letsencrypt/accounts/acme-v01.api.letsencrypt.org/directory/{someKindOfHash}/regr.json

I believe that if you create multiple certs from the same letsencrypt client instance, it reuses the email address stored in regr.json, at least for expiry alert emails.

Alex Nauda
  • 436
8

According to https://letsencrypt.org/docs/expiration-emails/

certbot update_account --email yourname@example.com

I guess it keeps on changing

YesItsMe
  • 201
0

Because Let's Encrypt is a certificate authority, I'm guessing you want to update the data (an email) within your certificate.

If the certificate was signed, there is no way to update it. A new certificate will need to be produced.

Jack Frost
  • 56