Let's Encrypt Outage History

Let's Encrypt is up right now

Let's Encrypt had 2 outages in the last 2 years totaling 155h 51m of downtime — averaging 0.1 incidents per month.

There were 2 Let's Encrypt outages since May 8, 2026 totaling 155h 51m of downtime. Each is summarised below — incident details, duration, and resolution information.

Source: https://letsencrypt.status.io

Minor June 3, 2026

API Degraded Performance

Detected by Pingoru
Jun 03, 2026, 04:05 PM UTC
Resolved
Jun 05, 2026, 02:02 AM UTC
Duration
1d 9h
Affected: acme-v02.api.letsencrypt.org (Production)portal.letsencrypt.org (Production)portal.letsencrypt.org (Production) (High Assurance Datacenter 2)
Timeline · 4 updates

Read the full incident report →

Minor May 8, 2026

Stopping Issuance for Potential Incident

Detected by Pingoru
May 08, 2026, 06:37 PM UTC
Resolved
May 13, 2026, 08:32 PM UTC
Duration
5d 1h
Affected: acme-v02.api.letsencrypt.org (Production)acme-staging-v02.api.letsencrypt.org (Staging)portal.letsencrypt.org (Production)portal.letsencrypt.org (Production) (High Assurance Datacenter 2)portal-staging.letsencrypt.org (Staging)portal-staging.letsencrypt.org (Staging) (High Assurance Datacenter 1)
Timeline · 5 updates
  1. investigating May 08, 2026, 06:37 PM UTC

    We have been made aware of a potential incident and are shutting down all issuance. Back to current status Status History Powered by Status.io Subscribe to receive status updates by email Close Subscribe Manage Subscription Manage Existing Subscription Create New Subscription Subscribe to receive status updates in Microsoft Teams Enter your Microsoft Teams webhook. View Instructions Email address for managing subscription Close Subscribe Manage Subscription Manage Existing Subscription Create New Subscription Subscribe to receive status updates via RSS RSS Feed Close Subscribe to receive status updates in Slack Slack channel ID Find the channel ID: Select the channel in your Slack workspace. The channel ID is displayed in the browser URL. Example: https://app.slack.com/client/T04SJBK1C/ C03SKGJ1P Email address Close Manage Subscription Manage Existing Subscription Create New Subscription Subscribe to receive status updates via iCalendar iCalendar Feed Close

  2. investigating May 08, 2026, 06:37 PM UTC

    We have been made aware of a potential incident and are shutting down all issuance.

  3. monitoring May 08, 2026, 09:03 PM UTC

    Let's Encrypt has resumed issuance. Due to an issue with the cross-signed certificate from our Generation X root to our new Generation Y root, all issuance has been switched back to our Generation X root certificate. This affects our "tlsserver" and "shortlived" ACME certificate profiles.

  4. monitoring May 08, 2026, 09:03 PM UTC

    Let's Encrypt has resumed issuance. Due to an issue with the cross-signed certificate from our Generation X root to our new Generation Y root, all issuance has been switched back to our Generation X root certificate. This affects our "tlsserver" and "shortlived" ACME certificate profiles.

  5. resolved May 13, 2026, 08:32 PM UTC

    We have identified that our cross-certified subordinate CAs are missing Extended Key Usage (EKU) fields which are now required. We are revoking and reissuing our cross-signs of X2/YR by X1, and YE by X2. This will not affect most Let’s Encrypt subscribers. We will not be revoking the end-entity certificates, as they are still compliant. However, any certificates issued from our roots YE and YR may not chain successfully to our previous roots X1 and X2 without an updated cross-signed intermediate in their chain. If you have a certificate issued by the “tlsserver” or “shortlived” ACME profiles, we recommend renewing them. Our ACME Renewal Information API is signalling affected certificates to renew now.

Read the full incident report →