Let’s Encrypt has announced that it will no longer send certificate expiration notification emails. If you’ve relied on those emails to remind you when to renew your SSL/TLS certificates, it’s time to rethink your approach.
Why This Matters
SSL certificates are critical for secure communication on the web. Expired certificates can cause downtime, break applications, and even expose users to security risks. If your infrastructure depends on SSL/TLS, automated certificate renewal is a must. But automation alone isn’t enough – you also need monitoring in place to catch failures before they cause problems.
Learn more about What Are SSL Certificate Errors: Causes & Best Practices on How to Prevent and Fix Them
Automated Renewal Isn’t Foolproof
Even with an automated renewal setup, things can go wrong:
- A scheduled renewal job might fail due to configuration issues.
- A service might not pick up the new certificate properly.
- A domain verification issue might prevent a new certificate from being issued.
This is not just theory. It happens even to well-established players. Here are just a few examples:
- Microsoft’s Azure outage due to expired SSL certificates
- GitHub breaks site layout after forgetting to renew the certificate
- Spotify was hit with an outage after forgetting to renew a certificate
Without proactive monitoring, you might not realize a problem until your users start seeing security warnings.
Why SSL Monitoring Is Now More Important Than Ever
Since Let’s Encrypt’s expiration notification emails stopping on June 4, 2025, you need a reliable way to track certificate health. This is where Sematext Synthetics comes in.
Sematext Synthetics provides SSL certificate monitoring to help you stay ahead of expiration issues. It checks:
- Certificate expiration dates every day and alerts you 28, 14, 7, and 3 days before the expiry
- Validates the SSL certificates of the API/websites in every run
- Certificate changes every 10 minutes and alerts you when any changes are detected, with a detailed change report
Here’s an example for google.com:
Sematext’s SSL checks will let you know in real time when something – anything goes wrong with your SSL certificates, ensuring that your certificates remain valid and your services stay secure.
Check the docs for SSL certificate monitoring here: Sematext SSL certificate monitoring.