Why did I get the "Upcoming Let's Encrypt certificate chain change" email?


I recently received an email regarding an Upcoming Let’s Encrypt certificate chain change which says “We are reaching out to you because we identified that you are currently using Let’s Encrypt certificates through Universal SSL, Advanced Certificate Manager, Custom Certificates, or SSL for SaaS.”

However, all my origin servers are secured with SSL certificates purchased from Namecheap, and the Cloudflare dashboard indicates that the Edge certificates are issued by Google Trust Services / Sectigo, and the SSL encryption mode is set to Full for all websites.This has left me confused about how my websites use Let’s Encrypt certificates.

Could anyone please provide some insight into this matter and clarify why I received this notification?


You are not guaranteed one specific Certificate Authority (CA) with e.g. Universal SSL as you mention and quote on the screenshot.

It could very well be that it uses Google Trust Services (GTS) right now, but … before the replacement to the current certificate was using Let’s Encrypt, - however, that would justify for recently, not currently, as you quote from the message.

This kind of message could indeed have been better, such as for example in regards to what I mentioned over here, too:

That said, -

If you’re 100% sure that there isn’t any certificates from Let’s Encrypt for any of your domains, and thus nothing for you to worry about, I would just ignore that email.

As you’ve censored your domain on the screenshot, and didn’t share any domains otherwise, it will be impossible for anyone to check up on though.

Switch that one to Full (Strict)!

1 Like

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.