diff --git a/doc/guix.texi b/doc/guix.texi
index ff3fa97d7f..241d41bfd3 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -15741,6 +15741,10 @@ revoked, but running it regularly would give your service a chance of
 staying online in case a Let's Encrypt-initiated revocation happened for
 some reason.
 
+By using this service, you agree to the ACME Subscriber Agreement, which
+can be found there:
+@url{https://acme-v01.api.letsencrypt.org/directory}.
+
 @defvr {Scheme Variable} certbot-service-type
 A service type for the @code{certbot} Let's Encrypt client.
 @end defvr
@@ -15761,6 +15765,10 @@ files.
 A list of domains for which to generate certificates and request
 signatures.
 
+@item @code{email}
+Mandatory email used for registration, recovery contact, and important
+account notifications.
+
 @item @code{default-location} (default: @i{see below})
 The default @code{nginx-location-configuration}.  Because @code{certbot}
 needs to be able to serve challenges and responses, it needs to be able
diff --git a/gnu/services/certbot.scm b/gnu/services/certbot.scm
index 661e174980..379c211430 100644
--- a/gnu/services/certbot.scm
+++ b/gnu/services/certbot.scm
@@ -50,6 +50,7 @@
                        (default "/var/www"))
   (domains             certbot-configuration-domains
                        (default '()))
+  (email               certbot-configuration-email)
   (default-location    certbot-configuration-default-location
                        (default
                          (nginx-location-configuration
@@ -59,12 +60,14 @@
 
 (define certbot-command
   (match-lambda
-    (($ <certbot-configuration> package webroot domains default-location)
+    (($ <certbot-configuration> package webroot domains email
+                                default-location)
      (let* ((certbot (file-append package "/bin/certbot"))
             (commands
              (map
               (lambda (domain)
-                (list certbot "certonly"
+                (list certbot "certonly" "-n" "--agree-tos"
+                      "-m" email
                       "--webroot" "-w" webroot
                       "-d" domain))
               domains)))
@@ -85,7 +88,8 @@
 
 (define (certbot-activation config)
   (match config
-    (($ <certbot-configuration> package webroot domains default-location)
+    (($ <certbot-configuration> package webroot domains email
+                                default-location)
      (with-imported-modules '((guix build utils))
        #~(begin
            (use-modules (guix build utils))
@@ -94,7 +98,8 @@
 
 (define certbot-nginx-server-configurations
   (match-lambda
-    (($ <certbot-configuration> package webroot domains default-location)
+    (($ <certbot-configuration> package webroot domains email
+                                default-location)
      (map
       (lambda (domain)
         (nginx-server-configuration
@@ -127,7 +132,6 @@
                            (domains (append
                                      (certbot-configuration-domains config)
                                      additional-domains)))))
-                (default-value (certbot-configuration))
                 (description
                  "Automatically renew @url{https://letsencrypt.org, Let's
 Encrypt} HTTPS certificates by adjusting the nginx web server configuration