diff --git a/cmd/reissuer/main.go b/cmd/reissuer/main.go
index 428b001a0..dd81c3c64 100644
--- a/cmd/reissuer/main.go
+++ b/cmd/reissuer/main.go
@@ -127,6 +127,33 @@ func main() {
 				},
 			},
 		},
+		{
+			Name:   "password",
+			Usage:  "view or resend the password for the latest certificate request",
+			Action: resendPassword,
+			Before: connectDB,
+			After:  closeDB,
+			Flags: []cli.Flag{
+				&cli.StringFlag{
+					Name:     "vasp",
+					Aliases:  []string{"vasp-id", "v"},
+					Usage:    "the VASP ID to send reissuance reminder notifications to",
+					Required: true,
+				},
+				&cli.BoolFlag{
+					Name:    "yes",
+					Aliases: []string{"y"},
+					Usage:   "skip the confirmation prompt and immediately send notifications",
+					Value:   false,
+				},
+				&cli.BoolFlag{
+					Name:    "show",
+					Aliases: []string{"s", "show-password"},
+					Usage:   "show the password on the command line and exit without emailing the user",
+					Value:   false,
+				},
+			},
+		},
 		{
 			Name:   "proto",
 			Usage:  "create an identity certificate protocol buffer from a certificate",
@@ -505,6 +532,86 @@ func reissueCerts(c *cli.Context) (err error) {
 	return nil
 }
 
+func resendPassword(c *cli.Context) (err error) {
+	var (
+		vasp           *pb.VASP
+		vaspName       string
+		certreqID      string
+		pkcs12password []byte
+		sm             *secrets.SecretManager
+		emailer        *emails.EmailManager
+		whisperLink    string
+		nsent          int
+	)
+
+	ctx, cancel := utils.WithDeadline(context.Background())
+	defer cancel()
+
+	// Fetch and identify the VASP specified by the user
+	vaspID := c.String("vasp")
+	if vasp, err = db.RetrieveVASP(ctx, vaspID); err != nil {
+		return cli.Exit(fmt.Errorf("could not find VASP record %s: %s", vaspID, err), 1)
+	}
+
+	if vaspName, err = vasp.Name(); err != nil {
+		vaspName = vasp.CommonName
+	}
+
+	// Get the latest certificate request for the VASP
+	if certreqID, err = models.GetLatestCertReqID(vasp); err != nil {
+		return cli.Exit(fmt.Errorf("could not get latest certificate request ID for vasp %s: %s", vaspName, err), 1)
+	}
+
+	// Connect to the secrets store and fetch the PKCS12 password if it exists
+	if sm, err = secrets.New(conf.Secrets); err != nil {
+		return cli.Exit(fmt.Errorf("could not connect to secret manager: %s", err), 1)
+	}
+
+	if pkcs12password, err = sm.With(certreqID).GetLatestVersion(ctx, "password"); err != nil {
+		return cli.Exit(fmt.Errorf("could not retrieve pkcs12 password for vasp %s certificate request %s: %s", vaspName, certreqID, err), 1)
+	}
+
+	// If print password and exit, do that without user confirmation
+	if c.Bool("show") {
+		fmt.Printf("retrieved password for %s (certificate request %s)\n", vaspName, certreqID)
+		if !c.Bool("yes") {
+			if !askForConfirmation("show PKCS12 password on the command line?") {
+				return cli.Exit(fmt.Errorf("canceled by user"), 1)
+			}
+		}
+
+		// Print password and exit
+		fmt.Println(string(pkcs12password))
+		return nil
+	}
+
+	// Check with the user if we should continue with resending the password
+	fmt.Printf("resending password for %s (certificate request %s)\n", vaspName, certreqID)
+	if !c.Bool("yes") {
+		if !askForConfirmation("continue and resend PKCS12 password?") {
+			return cli.Exit(fmt.Errorf("canceled by user"), 1)
+		}
+	}
+
+	// Create the Whisper link for the provided PKCS12 password.
+	if whisperLink, err = whisper.CreateSecretLink(fmt.Sprintf(whisperPasswordTemplate, string(pkcs12password)), "", 3, weekFromNow()); err != nil {
+		return cli.Exit(err, 1)
+	}
+
+	// Create the email manager.
+	if emailer, err = emails.New(conf.Email); err != nil {
+		return cli.Exit(err, 1)
+	}
+
+	// Send the notification email that certificate reissuance is forthcoming and provide whisper link to the PKCS12 password.
+	if nsent, err = emailer.SendReissuanceStarted(vasp, whisperLink); err != nil {
+		return cli.Exit(err, 1)
+	}
+
+	fmt.Printf("successfully sent %d Whisper password notifications for PKCS12 password %q\n", nsent, pkcs12password)
+	return nil
+}
+
 func makeCertificateProto(c *cli.Context) (err error) {
 	var archive *trust.Serializer
 	if pkcs12password := c.String("pkcs12password"); pkcs12password != "" {
diff --git a/pkg/gds/emails/bindata.go b/pkg/gds/emails/bindata.go
index 67b144b2b..68a81e5f7 100644
--- a/pkg/gds/emails/bindata.go
+++ b/pkg/gds/emails/bindata.go
@@ -1,7 +1,7 @@
 // Code generated by go-bindata. DO NOT EDIT.
 // sources:
-// deliver_certs.html (1.699kB)
-// deliver_certs.txt (1.308kB)
+// deliver_certs.html (1.983kB)
+// deliver_certs.txt (1.585kB)
 // expires_admin_notification.html (1.199kB)
 // expires_admin_notification.txt (850B)
 // reissuance_admin_notification.html (931B)
@@ -14,8 +14,8 @@
 // reject_registration.txt (600B)
 // review_request.html (1.225kB)
 // review_request.txt (978B)
-// verify_contact.html (666B)
-// verify_contact.txt (536B)
+// verify_contact.html (675B)
+// verify_contact.txt (545B)
 
 package emails
 
@@ -83,7 +83,7 @@ func (fi bindataFileInfo) Sys() interface{} {
 	return nil
 }
 
-var _deliver_certsHtml = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\x74\x54\x41\x6f\x1b\x37\x13\xbd\xef\xaf\x78\x9f\xf1\x1d\x5a\xc0\xd1\x22\x39\x1a\xdb\x45\xd3\x38\x69\x85\x06\x4e\x60\xa9\x05\x7a\xa4\xb8\x23\x2d\x6b\x92\xc3\x0e\x67\xa5\x2a\x81\xff\x7b\xc1\x5d\x49\x96\x05\xfb\xb6\xcb\xe1\x1b\xbe\x99\x79\x6f\x9a\xd4\xfe\x46\xde\x33\xbe\x7f\xc7\xec\xce\x04\xc2\xe3\xe3\x75\x53\xa7\xb6\xaa\x9a\xd4\x56\xc0\x5f\x3c\x08\x96\xf7\xf3\xc5\x7b\x44\xd2\x1d\xcb\x03\x84\x36\x2e\xab\x18\x75\x1c\xd1\x9b\x8c\x15\x51\x84\x49\x49\x78\x4b\xdd\xff\x26\x08\xcb\xc6\x44\xf7\xed\xf9\xa5\x0a\xd8\x88\x89\x4a\x1d\x5c\x47\x51\x9d\xee\x61\x49\xd4\xad\x9d\x35\x4a\x19\x5b\xe3\x5d\x67\xd4\xc5\x0d\xf6\x25\x4b\xa0\xb0\x22\xc9\xbd\x4b\x50\x06\x6b\x4f\x07\x32\x15\x8e\x31\x6c\x9d\x81\xf6\x74\x20\xf9\xab\xe7\x95\xf1\xb8\x75\x42\x56\x59\xf6\x33\xbc\x57\x35\xb6\xa7\xae\x64\xd0\xde\x65\x50\x30\xce\xc3\x08\xe1\xeb\xef\x1f\x16\x6f\xdf\x55\x00\x45\x2b\xfb\x54\x78\x3d\xa3\x93\x0b\xc2\x68\xe1\x02\x6b\x22\x5c\x48\x9e\x02\x45\x3d\x7b\x30\x09\x2b\x5b\xf6\x18\x72\xa1\x1d\x96\x9f\x17\x15\xb0\x73\xda\x1f\xf8\x1e\xdb\x76\xe4\xab\x0c\xfa\xd7\xf6\x26\x6e\x08\x4b\x31\x5b\xf2\xb8\x1f\x3c\xc1\x72\x48\xde\x99\x68\x09\x2e\xae\x59\xc2\xd8\xbb\x59\x75\x9a\xc6\xb2\x27\x24\x71\xc1\xc8\x1e\x1d\xa9\x71\x3e\x83\xd7\x53\xa3\xba\x63\xbd\xa0\xa8\xb2\x1f\xab\x33\x19\x6b\xf6\x9e\x77\xf9\xe6\x90\x63\xf0\x65\xa4\x8d\x77\x6d\x93\x55\x38\x6e\xda\xf9\xed\x4d\x53\x1f\xbe\x47\x0d\xfc\x39\xbf\xc5\xe3\x63\x53\x7b\x77\x79\xf5\x7e\x1c\x3b\x09\x75\x4f\xdd\xbd\x00\x3f\x5d\x39\xdd\x78\x25\xd9\x97\x33\x79\x5c\x24\x39\x0f\xbd\x82\xfe\xc0\x21\x70\x44\xd1\xeb\x05\x78\x8a\x1c\x84\xfc\x12\x74\x41\xe2\x8c\xc7\xdd\x50\x86\x71\x01\x9e\x62\x53\xe8\x15\xf8\xc7\xd8\x25\x76\x51\x2f\x90\xc7\xe3\x13\xaa\xa9\x4b\xaf\x0f\x1e\x5a\x32\x3a\x1a\x05\x36\x0d\xeb\x5c\x63\xd7\x68\x28\xb4\x45\x60\x3b\xe7\x3d\x22\x15\xa1\xf6\x47\x69\x22\x99\x9c\x77\x2c\x5d\x53\x53\x68\x47\x31\x56\x18\xe5\x28\x64\xc9\x6d\xa9\xc3\xae\xa7\x38\x9e\xac\x9d\x64\x45\x1e\x56\xc1\x69\x51\xf2\xf8\xd4\xb9\x57\x67\xe7\x44\xb4\xa7\x0a\x18\xe2\x37\x97\xd2\xa5\xec\x39\x8e\x14\x2c\x87\x60\x62\x07\xef\x22\x5d\x9f\x3c\x30\x64\x42\x63\xb9\xa3\x96\x13\xc5\x9c\x7d\x53\x8f\x7f\x30\xb9\xc2\x51\x70\xf8\xe1\x54\xd1\xaa\x88\x96\xc3\x68\xae\x22\xfd\xa8\x24\x13\xb7\x63\x6d\x3f\xde\x9c\x34\x2e\xd4\xfe\x1f\x87\xbc\x48\x0f\x36\xbf\x7d\x87\x37\x2e\x62\x7e\xf7\x69\xfe\xf9\xe3\x2c\x95\x5f\x1e\x14\x5f\xfe\x58\x8e\x07\x56\x14\x6f\x22\x77\x94\x9b\xba\x80\x8f\x1d\xff\xc4\x82\xc0\xf2\xcc\x49\xa5\x2c\x17\x95\x36\x32\x2d\x98\xd1\xa2\x4f\x3e\x3e\xd8\xf4\x1a\xc9\x93\xc9\x84\x4c\x04\x1e\xa4\x02\x3a\xb6\x43\x31\xfd\x94\xc5\x28\x1a\x83\x5e\x68\xfd\xd3\x55\xaf\x9a\xf2\x4d\x5d\xab\xb8\x6c\x66\x1d\x6d\xeb\xab\xf6\xf4\xdd\xd4\xa6\x9d\x61\x3e\x1a\x14\xbd\xd9\x12\x4c\xdc\x57\xc0\x3f\x03\xe5\x92\x29\x4f\x3d\x0d\x66\x0f\xcb\x51\x8d\x55\x0c\x19\xe3\x80\x4f\x0f\x94\x4d\xa5\x7c\x93\x87\x94\x58\xf4\x67\xe1\x89\x84\xf1\x33\xc7\x57\xed\x8b\xc7\xe5\x59\xb0\xe0\x6f\x76\x65\x58\xe0\xb2\x75\x4b\xbb\x5f\x66\xfd\xa6\x14\x9d\x93\xb1\x34\xcb\xde\xd8\x87\x99\xe5\x70\xd5\x2e\xca\x27\xca\x92\x8a\xe4\xa7\x42\xbe\x4e\x6d\xe9\xb8\x02\x22\x2b\x84\x92\xdf\x1f\xf6\x8e\xdf\x3f\x5f\xae\x67\x4b\xab\x02\x7e\xa1\xac\xb8\xa7\x8d\x91\x2e\x5f\x37\x2b\x41\x3d\x9a\xe2\xc5\x75\x8d\x05\xc9\xd6\x59\xc2\x92\x4c\x98\xb2\xfc\x17\x00\x00\xff\xff\x70\x68\xe2\x82\xa3\x06\x00\x00")
+var _deliver_certsHtml = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\x7c\x55\x4f\x6f\xdb\xc6\x13\xbd\xf3\x53\xbc\x9f\x7f\x87\xb6\x80\x2d\x22\x39\x1a\x2c\xd1\x34\xe9\x1f\x23\x45\x1a\x58\x42\x8b\x1e\xc7\xbb\x23\x71\xeb\xe5\xce\x76\x76\x29\x45\x09\xfc\xdd\x8b\x25\x29\x59\x12\x9c\xde\x48\xee\xce\x9b\x37\x33\xef\x0d\x9b\xd8\xfe\xca\xde\x0b\xbe\x7c\xc1\xe2\x03\xf5\x8c\xa7\xa7\xeb\xa6\x8e\x6d\x55\x35\xb1\xad\x80\xbf\x64\x50\xac\xee\xef\x96\x6f\x10\x38\xef\x44\x1f\xa1\xbc\x71\x29\x2b\x65\x27\x01\x1d\x25\x3c\x30\x07\x50\x8c\x2a\x5b\xb6\xf8\x56\x14\xca\x87\xd7\xef\xfe\x37\x41\x88\x6e\x28\xb8\xcf\x63\x50\x85\xe7\xb0\x8d\x52\xc8\x6c\xe1\x2c\x87\xec\xf2\x1e\x86\x35\xbb\xb5\x33\x94\x39\x61\x4b\xde\x59\xca\x2e\x6c\xb0\x2f\x28\x3d\xf7\x0f\xac\xa9\x73\x11\x59\x20\xb9\xe3\x99\x5c\x85\xc3\x19\xb6\x8e\x90\x3b\x9e\x49\xff\xe2\xe5\x81\x3c\xde\x39\x65\x93\x45\xf7\x0b\xbc\xc9\x99\x4c\xc7\xb6\x20\xe4\xce\x25\x70\x4f\xce\x83\x94\xf1\xf1\xfd\xdb\xe5\xab\xd7\x15\xc0\xc1\xe8\x3e\x16\x5e\x67\x74\x52\x89\xa0\x5c\xb8\xc0\x50\x80\xeb\xa3\xe7\x9e\x43\x3e\x49\x18\x55\xb2\x18\xf1\x18\x52\xa1\xdd\xaf\x7e\x5b\x56\xc0\xce\xe5\x6e\xe6\x7b\x68\xe3\x81\x6f\x16\xf0\x27\xd3\x51\xd8\x30\x56\x4a\x5b\xf6\xb8\x1f\x3c\xc3\x48\x1f\xbd\xa3\x60\x18\x2e\xac\x45\xfb\xb1\x77\x8b\xea\x38\x9d\x55\xc7\x88\xea\x7a\xd2\x3d\x2c\x67\x72\x3e\x41\xd6\x53\xa3\xec\xa1\x5e\x70\xc8\xba\x1f\xab\xa3\x84\xb5\x78\x2f\xbb\x74\x3b\x63\x0c\xbe\x8c\xb8\xf1\xae\x6d\x52\x56\x09\x9b\xf6\xee\xdd\x6d\x53\xcf\xcf\xa3\x26\xfe\xb8\x7b\x87\xa7\xa7\xa6\xf6\xee\xf2\xea\xfd\x28\x03\x56\xb6\xcf\xdd\xbd\x08\x7e\xbe\x72\xbc\xf1\x15\xb0\xdf\x4f\xe4\x71\x01\x72\x7a\xf4\x95\xe8\xb7\xd2\xf7\x12\x50\xf4\x7b\x11\x3c\x9d\xcc\xc2\x7e\x29\x74\xc9\xea\xc8\xe3\xc3\x50\x86\x71\x11\x3c\x9d\x4d\x47\x5f\x09\xff\x29\xd8\x28\x2e\xe4\x8b\xc8\xc3\xe7\x63\x54\x53\x97\x5e\xcf\x9e\x5a\x09\x2c\x8f\x02\x9b\x86\x75\xaa\xb1\x6b\x34\xdc\xb7\x45\x60\x3b\xe7\x3d\x02\xb3\x05\xcd\xc2\x44\xa4\x94\x76\xa2\xb6\xa9\xb9\x6f\x17\xb8\x5b\x4f\x02\x76\xa9\xc2\xa8\xc0\xb5\xd3\x94\x4f\xe1\x0a\xfe\x37\x5b\x86\xb2\x61\x57\xcc\x49\xeb\xcc\x7a\xe6\xe0\xeb\xf1\xce\x21\x55\x41\x39\xba\xe0\x90\x6e\x12\xfd\x8e\x12\xac\x4b\xd1\xd3\x9e\x2d\xec\xa0\x45\xde\xe5\xfe\xd9\x3e\x88\x2a\x86\x53\x9a\xc9\x71\xe2\x49\x7a\x21\x0c\xe4\xfd\xbe\x02\x94\x6f\x5c\x4a\xc3\x85\xb5\x5e\x60\xf1\xf6\xfd\x69\xc9\xcf\x1c\x46\xbb\x4e\xf6\x2d\x6d\x2a\x76\xa7\x0a\x90\xc0\x37\xd9\xf5\x8c\x3f\x3b\x97\x22\x2b\xbc\x0b\x8f\x88\xa5\x72\x3b\x31\x3d\x58\xfd\xc4\x42\xe7\xc3\x28\x69\x87\xf0\xd9\xc5\x78\x69\x7c\x09\xe3\xa1\x91\xbe\xa7\x60\x0b\x34\x5f\x1f\xb7\xc0\x90\x18\x8d\x11\xcb\xad\x44\x0e\x29\xf9\xa6\x1e\xdf\x2a\x14\xcb\x59\x4e\x46\xdd\x43\x59\x71\x01\x0d\xa1\x53\x5e\x7f\x7f\xd5\xe5\x1c\xd3\x6d\x5d\x67\x75\x89\x16\x96\xb7\xf5\xdf\xe2\x82\x0b\x9b\x9b\xf1\x4b\x1d\x1f\x4d\x7a\xf5\xba\x76\xc1\xf2\xa7\x45\x97\x7b\xff\x7f\x32\xa5\xaf\xe5\x06\x05\x7b\x93\x68\x3b\x5e\xee\xf8\xe6\x94\xe8\x55\x3b\x9a\x5f\xcc\x50\xb6\xd2\x38\x91\xa6\xa6\x76\x31\xd6\x3a\x17\xfc\xb3\x28\x7a\xd1\xb3\xad\x52\x0a\x74\x21\xf3\x46\xa7\x65\x3b\xae\xab\xe7\x9d\x36\xaf\xac\x6b\x44\xcf\x94\x18\x89\x19\x32\x68\x85\xf3\x54\xa0\xfc\x5f\x15\x5e\xb5\xc7\xe7\x91\x54\x91\x48\xe9\x61\x47\xdb\xa2\x90\x22\x8e\x7f\x06\x4e\x05\x69\xd2\x03\x7a\xda\xc3\x48\xc8\x64\x32\x86\x04\xca\xc5\x7d\x87\x04\x65\x94\x59\x6e\xd3\x10\xa3\x68\xfe\x41\x65\x22\x41\x7e\xe1\xe4\xaa\x7d\xf1\x73\x49\x0b\x51\x94\x5e\x17\xc0\xf1\x57\x54\x3a\xf6\x32\xeb\x9b\x52\x74\x8a\x64\x78\x91\x3c\x99\xc7\x85\x91\xfe\xaa\x5d\x96\x47\x94\x85\x1d\xd8\x4f\x85\x7c\x9c\xda\x62\xa5\x02\x82\x64\x28\x47\xbf\x9f\x77\xb0\xdf\x9f\xff\x68\xce\xd5\xf7\x23\xa7\x8c\x7b\xde\x90\xda\x74\xdd\x3c\x28\xea\x51\x93\x2f\xfe\xba\xb0\x64\xdd\x3a\xc3\x58\x31\xf5\x13\xca\xbf\x01\x00\x00\xff\xff\x44\x02\x3d\xcd\xbf\x07\x00\x00")
 
 func deliver_certsHtmlBytes() ([]byte, error) {
 	return bindataRead(
@@ -98,12 +98,12 @@ func deliver_certsHtml() (*asset, error) {
 		return nil, err
 	}
 
-	info := bindataFileInfo{name: "deliver_certs.html", size: 1699, mode: os.FileMode(0644), modTime: time.Unix(1669674063, 0)}
-	a := &asset{bytes: bytes, info: info, digest: [32]uint8{0xff, 0x3, 0x8c, 0xe6, 0x30, 0x47, 0x9e, 0x4f, 0x1a, 0x29, 0x61, 0xe7, 0xb7, 0x94, 0xd7, 0x3b, 0xc9, 0x2b, 0xae, 0x81, 0xc9, 0xcf, 0xf8, 0x6a, 0x3c, 0xc9, 0xda, 0x1d, 0xf6, 0x59, 0xbc, 0x6}}
+	info := bindataFileInfo{name: "deliver_certs.html", size: 1983, mode: os.FileMode(0644), modTime: time.Unix(1716396272, 0)}
+	a := &asset{bytes: bytes, info: info, digest: [32]uint8{0x51, 0xfc, 0x54, 0x6f, 0xcb, 0x9b, 0xeb, 0x65, 0xcb, 0xa, 0xd4, 0x6b, 0x64, 0xfb, 0xde, 0x72, 0xba, 0xc1, 0xe5, 0xec, 0xfb, 0xa4, 0x1, 0xcb, 0x87, 0x9c, 0x97, 0x25, 0xef, 0x60, 0xb8, 0x3f}}
 	return a, nil
 }
 
-var _deliver_certsTxt = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\x6c\x54\xc1\x8e\xdb\x46\x0c\xbd\xeb\x2b\x5e\x6f\x2d\xe0\xd5\x22\x39\xee\xa9\x69\x36\x69\x8d\x06\x9b\x60\xed\x16\xe8\x91\x1e\xd1\xd6\x74\x67\x86\x53\x0e\x25\x57\x09\xf6\xdf\x8b\x91\xec\xb5\x37\xe8\x51\xe4\x1b\xf2\x91\xef\x51\xbf\x71\x08\x82\x6f\xdf\xd0\x3e\x50\x64\x3c\x3f\xaf\x9a\xe6\x2f\x19\x14\xdb\xc7\xf5\xe6\x1d\x12\xdb\x51\xf4\x09\xca\x07\x5f\x4c\xc9\xbc\x24\xf4\x54\xb0\x63\x4e\xa0\x9c\x55\x46\xee\x7e\xc0\xfc\x44\xf4\x40\xc9\x7f\xfd\x0e\x74\x50\x4a\xc6\x1d\x7c\xc7\xc9\xbc\x4d\x70\xac\xe6\xf7\xde\x91\x71\xc1\x48\xc1\x77\x64\x3e\x1d\x30\xd5\x1a\x91\xe3\x8e\xb5\xf4\x3e\xc3\x04\x62\x3d\x9f\xa9\x9c\x32\x18\x3d\xc1\x7a\x3e\x45\x7f\x0d\xb2\xa3\x80\x7b\xaf\xec\x4c\x74\x6a\xf1\xce\x8c\x5c\xcf\x5d\x7d\x6f\xbd\x2f\xe0\x48\x3e\x80\x94\xf1\xe5\xf7\xf7\x9b\x37\x6f\xc1\xc9\xe9\x94\x2b\xa7\x57\x54\x4a\xc5\x93\x55\x1e\x70\x94\xe0\x63\x0e\x1c\x39\xd9\x55\xbb\xac\x62\xe2\x24\x60\x28\x95\x72\xdc\x7e\xda\xe0\xe8\xad\x3f\x31\x3d\xaf\xeb\xcc\xd5\x04\xfc\xaf\xeb\x29\x1d\x18\x5b\xa5\x91\x03\x1e\x87\xc0\x70\x12\x73\xf0\x94\x1c\xc3\xa7\xbd\x68\x9c\x77\xd6\x36\xcd\xb6\x67\x64\xf5\x91\x74\x42\xc7\x46\x3e\x14\xc8\x7e\x59\x4d\x77\x9e\x11\x9c\x4c\xa7\x79\x22\x2a\xd8\x4b\x08\x72\x2c\x77\x4d\xb3\xbe\xbf\x9b\x95\xfc\x73\x7d\x8f\xe7\xe7\xe6\x71\xd6\x8c\x95\xbb\xcb\x7a\x16\xc0\x25\xf3\x92\xa8\x0f\x3e\x5f\xe9\xb7\x00\xaf\x23\x15\xf1\x5e\x62\x94\x84\x6a\x95\x05\xb0\x04\x4e\xd6\x69\x36\xac\x9e\x02\x1e\x86\x3a\xfd\x02\x58\x42\x4b\xa4\x42\x3e\xa4\x2e\x8b\x4f\xb6\x64\xcf\x5f\x35\xd3\x6c\x05\x1d\xcf\xca\x2c\xf3\x5e\x8b\xb3\x9a\x55\x39\xfa\x10\x90\xb8\x6a\xdb\xbf\xa8\x99\xa9\x94\xa3\x68\x77\x11\x4f\xd9\xb1\x1f\xb9\xc3\xb1\xe7\x34\x47\xf6\x5e\x8b\xa1\x0c\xbb\xe8\xad\xea\x3e\xd7\xbf\xf6\x74\x8b\xab\xee\xb5\xf8\x90\xbe\xfa\x9c\xbf\xb7\x88\xa4\x39\xe9\x24\x46\x4a\x1d\x82\x4f\xbc\x7a\xf1\xcb\x50\x18\x92\x39\x95\x12\xae\x74\xc1\x8f\x2f\xcc\x77\x55\x5b\x89\xb3\xf3\xaa\x33\x92\xb1\x2e\x54\xce\x33\xfc\x74\xd7\x34\xe7\x12\xf9\xc9\x95\x37\x6f\x71\xe3\x13\xd6\x0f\x1f\xd7\x9f\x3e\xb4\xb9\x7e\xca\x60\xf8\xfc\xc7\x76\x0e\x38\x35\xdc\x24\xe9\xb8\x34\xcd\x47\x51\x44\xd1\x57\x86\xaa\x7c\x7d\x32\x3e\xe8\x72\x61\xb3\x53\x2f\x66\x3e\xb9\x75\x85\x1c\x98\x0a\x63\xf4\xc5\x1b\x66\xab\x89\x1b\xaa\xf3\x97\x2a\x64\xe8\xcd\x72\xb9\xbb\xbd\x35\xf5\x85\xda\x8e\xc7\xdb\x16\xeb\xd9\x97\xe8\x69\x64\x50\x9a\xf0\xcf\xc0\xa5\xe2\x4f\x62\x45\x9a\xe0\x24\x19\x39\xc3\x50\x6a\x91\x32\xe4\x2c\x6a\x3f\xab\x2c\x85\x29\xb4\x5e\x20\x8a\xbf\xc5\xd7\xf5\x55\xba\xb5\xfb\x26\x90\x7b\x42\x3d\x9b\xc4\x01\x73\xcb\x9b\x4a\xb4\x64\x72\xdc\x96\x9a\x6d\x9d\xc4\x16\x5f\x16\xde\x9d\x20\x89\x41\x39\x87\xe9\x74\x25\x61\x7a\x7d\xfe\x6d\xd3\xfc\xc2\xc5\xf0\xc8\x07\xd2\xae\xac\x9a\xff\xff\x7b\x60\xc3\x3a\x7a\xc7\xd8\x32\xc5\xe6\xbf\x00\x00\x00\xff\xff\x09\x70\x0a\x17\x1c\x05\x00\x00")
+var _deliver_certsTxt = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\x6c\x54\x4d\x6f\xdc\x46\x0c\xbd\xeb\x57\xb0\xe8\x21\x2d\xe0\x95\x91\x1c\x7d\x6a\x6a\xf7\xc3\x48\x91\x06\xde\x45\x8b\xde\x42\xcf\x70\x57\xac\x47\xc3\x29\x49\x69\xa3\x04\xfe\xef\xc5\x48\xbb\xf1\xae\xe3\xa3\xc8\x27\xf2\x0d\xdf\x23\x7f\xa7\x94\x04\xbe\x7c\x81\xf6\x3d\xf6\x04\x8f\x8f\x17\x4d\xf3\x8f\x0c\x0a\x9b\xbb\xdb\xf5\x5b\xc8\xe4\x7b\xd1\x07\x50\xda\xb1\xb9\xa2\xb3\x64\xe8\xd0\xe0\x9e\x28\x03\x96\xa2\x32\x52\x84\x1f\x44\x41\xe9\xf8\xf9\xe3\x77\x30\x97\x10\xdd\x61\xe6\xcf\xcf\x7e\xda\x29\x66\xa7\x08\x1c\x29\x3b\xfb\x04\x81\xd4\x79\xcb\x01\x9d\x0c\x46\x4c\x1c\xd1\x39\xef\x60\xaa\x35\x7a\xea\xef\x49\xad\xe3\x02\x2e\x20\xde\xd1\x91\xda\x21\x03\x23\x23\x78\x47\x87\xe8\x6f\x49\xee\x31\xc1\x0d\x2b\x05\x17\x9d\x5a\x78\xeb\x8e\xa1\xa3\x58\xff\xf7\x8e\x0d\xa8\x47\x4e\x80\x4a\xf0\xe1\xdd\xf5\xfa\xf5\x1b\xa0\x1c\x74\x2a\x95\xd3\x19\x15\xab\x78\xf4\xca\x03\x02\x66\xe0\xbe\x24\xea\x29\xfb\x49\xbb\xa2\xe2\x12\x24\xc1\x60\x95\x72\xbf\xf9\x63\x0d\x7b\xf6\xee\xc0\xf4\x38\xbe\x23\x57\x17\xa0\x4f\xa1\xc3\xbc\x23\xd8\x28\x8e\x94\xe0\x6e\x48\x04\x41\xfa\x92\x18\x73\x20\xe0\xbc\x15\xed\xe7\x99\xb5\x4d\xb3\xe9\x08\x8a\x72\x8f\x3a\x41\x24\x47\x4e\x06\xb2\x5d\x46\x13\x8f\x6f\x04\xca\xae\xd3\xfc\x22\x34\xd8\x4a\x4a\xb2\xb7\xab\xa6\xb9\xbd\xb9\x9a\x95\xfd\xeb\xf6\x06\x1e\x1f\x9b\xbb\x59\x43\x52\x8a\x4f\xe3\x59\x00\x4f\x99\xaf\x89\xfa\xc3\x9f\x27\xfa\x2d\xc0\xd3\x48\x45\x5c\x4b\xdf\x4b\x86\x6a\x9d\x05\xb0\x04\x0e\x56\x6a\xd6\xa4\x8c\x09\xde\x0f\xf5\xf5\x0b\x60\x09\x2d\x91\x0a\xf9\x25\xc7\x22\x9c\x7d\xc9\x1e\xbf\x6a\xa6\xd9\x08\x44\x9a\x95\x59\xde\x7b\x2a\xce\xc5\xac\xca\x9e\x53\x82\x4c\x14\x01\x8f\x5a\x16\x34\xdb\x8b\xc6\x16\x6e\xb7\x8b\xdc\x6c\xb3\x5e\x5b\x56\xf3\xd3\x1a\xb5\xc2\xab\x91\x40\x29\x30\x55\x13\xe3\xd6\x49\xcf\x9c\x3e\x77\x79\x75\xec\x51\xab\x3c\xeb\xb2\x18\x64\x8f\x06\x91\xad\x24\x9c\x28\x42\x1c\xb4\x5a\xa1\xa2\xcf\xb6\xa6\xa8\x04\x32\x3b\x10\x23\xa3\x45\xb0\x9c\x07\x4c\x69\x02\xa5\x15\x9b\x0d\xcf\x4c\xf8\x02\x83\xeb\x77\x2f\x33\x98\x6d\xbd\xd8\xbc\xce\xa6\xae\x05\x82\x64\x5a\x39\xf7\x04\x7f\x77\x6c\x85\x14\x12\xe7\x07\x28\x4a\x81\xe2\xc2\xf2\xb8\x10\xed\xd9\xc0\x6b\xa7\x21\x7f\xe6\x52\x9e\x6f\x85\xe4\x39\x19\xa4\xef\x31\xc7\x5a\x8f\x2e\xbe\xae\xc8\x60\x04\x1f\xa5\x50\x36\x4b\x1f\xab\x19\x23\x59\x50\xbe\xaf\xeb\x9e\x61\x36\xad\x84\xa1\xee\xd0\xe1\x28\x90\xd2\x55\xd3\x74\xee\xc5\xae\x2e\x2f\x5d\xd9\xb0\x8d\x34\x5e\xfe\x2b\x9c\x39\xef\x56\x73\xe4\xb2\x3c\x04\x7b\xfd\xe6\x92\x73\xa4\x4f\x6d\xe7\x7d\xfa\x1e\x43\x9d\x65\x45\x60\x8e\x2b\xc3\x71\x06\x77\xb4\x3a\xe5\xda\x34\xbf\x8a\x42\x2f\x7a\xb6\x55\xf5\x05\x9c\x9d\x76\xba\x9c\x99\x79\x5d\x9f\x36\xfa\xb0\xb2\x17\x50\x12\xa1\x11\x8c\x6c\xec\x2f\x50\x47\x87\x6f\x69\xcf\xe2\xd6\x61\x74\x38\x56\x6d\x27\xf8\x6f\x20\xab\xf8\x83\x63\x7b\x9c\x20\x48\x76\x0c\x0e\x83\xd5\x22\x36\x94\x22\xea\x3f\xa9\x2c\x85\x31\xb5\x2c\x20\x0a\x75\x04\x15\x23\xcb\xe0\xd6\x09\xc3\x03\xd4\xdb\x91\x29\xc1\xdc\x72\x55\x89\x5a\xc1\x40\xad\xd5\x6c\x1b\xa4\x6f\xe1\xc3\xc2\x3b\x0a\x64\x71\x50\x2a\x69\x3a\x9c\x8a\x34\x9d\xdf\xc0\xb6\x69\x7e\x26\x73\xb8\xa3\x1d\x6a\xb4\x8b\xe6\xe5\x13\x0a\x6b\xd2\x91\x03\xc1\x86\xb0\x6f\xfe\x0f\x00\x00\xff\xff\x6a\xe7\xb1\x52\x31\x06\x00\x00")
 
 func deliver_certsTxtBytes() ([]byte, error) {
 	return bindataRead(
@@ -118,8 +118,8 @@ func deliver_certsTxt() (*asset, error) {
 		return nil, err
 	}
 
-	info := bindataFileInfo{name: "deliver_certs.txt", size: 1308, mode: os.FileMode(0644), modTime: time.Unix(1669674063, 0)}
-	a := &asset{bytes: bytes, info: info, digest: [32]uint8{0xce, 0xf0, 0x81, 0x66, 0x53, 0x38, 0xb8, 0xf1, 0xd1, 0x5b, 0xcf, 0xc6, 0xa0, 0x37, 0xe1, 0xd3, 0xba, 0x2b, 0xb5, 0x5e, 0x83, 0x72, 0x5e, 0x83, 0x4e, 0x57, 0x18, 0xe8, 0x94, 0x41, 0x64, 0x23}}
+	info := bindataFileInfo{name: "deliver_certs.txt", size: 1585, mode: os.FileMode(0644), modTime: time.Unix(1716396281, 0)}
+	a := &asset{bytes: bytes, info: info, digest: [32]uint8{0x6e, 0x37, 0x14, 0xb8, 0xfc, 0xfa, 0xff, 0xbd, 0xc9, 0xc4, 0x79, 0xe2, 0x1a, 0x76, 0xe0, 0xf6, 0x3a, 0x56, 0xcc, 0x55, 0xa8, 0x27, 0x5a, 0xa7, 0xb0, 0x1a, 0xea, 0x1e, 0xd, 0xdc, 0x68, 0x51}}
 	return a, nil
 }
 
@@ -363,7 +363,7 @@ func review_requestTxt() (*asset, error) {
 	return a, nil
 }
 
-var _verify_contactHtml = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\x74\x92\xbf\x8e\xdb\x30\x0c\x87\x77\x3f\x05\x91\xa5\x4b\x6a\xef\x81\x6b\xf4\x1f\xd0\x1e\x50\x74\xb8\xa4\xdd\x69\x99\x89\x05\xcb\xa2\x4a\xd2\x09\x8c\x43\xde\xbd\x90\x05\xa4\x37\xf4\x36\xe3\x27\x99\xfc\xf8\x51\x6d\xea\xbe\x53\x08\x0c\x2f\x2f\x50\xff\xc4\x99\xe0\x7e\xdf\xb7\x4d\xea\xaa\xaa\x4d\xdd\x69\xc4\x38\xc1\xca\x0b\x9c\x59\x40\x97\x7e\xf6\x66\x3e\x5e\x00\xe1\xf4\xfc\x74\xfc\x04\x91\xec\xc6\x32\x81\xd0\xc5\xab\x09\x9a\xe7\x08\x42\x7f\x16\x52\xab\xe1\xc4\xd0\xd3\xc5\x47\xb0\x91\x40\xe8\xea\xe9\x56\x25\x61\x47\xaa\x7b\x48\x81\x50\x09\x5a\x84\x51\xe8\xfc\x61\x97\x01\x7e\x93\xf8\xf3\xfa\x85\xa3\xa1\xb3\x5f\xcf\x3f\xe0\x7e\xdf\x75\xd7\x2d\xcc\x14\x02\x34\xa3\x0f\xd0\xaf\xe0\x82\x77\x53\x26\xb1\xd1\x6b\x15\x7c\x9c\xea\xb6\xc1\xae\x90\x3f\x9d\x37\x66\x87\x31\xb2\x95\xab\xc0\x85\x22\xdf\x7c\xf4\x76\x9c\x56\xc0\x38\x40\x42\x35\x7a\x9c\x43\x4f\x81\x6f\xe0\xa3\xf1\xd6\xb5\xea\x85\x6f\x4a\x02\x38\x0c\x42\xaa\xd0\xa3\x1c\x1e\x8e\x5a\xc7\x03\x75\x6f\xd0\xb7\xcd\x76\xfa\x1a\xeb\x9d\x10\x8c\x78\xdd\xd8\x85\x97\x3e\x10\x94\x09\x73\xb2\x0d\xe9\x4a\x85\x32\xec\x2b\xd8\x92\x66\xca\x22\x1f\x87\xd9\x47\xad\xd0\xfe\x49\xcc\x7f\x18\x1f\x74\x49\x89\xc5\x3e\x0a\xdb\xb6\x12\x0c\xb5\xe7\x5d\xf7\xdf\x38\x6b\x03\x96\x2c\xa8\x34\x9f\xe7\x25\x7a\x5b\xab\x47\xd1\xd1\x2c\xe9\xa1\x69\x4c\xbc\xe2\xfb\xbc\x6f\x4d\xe8\xa8\xd6\x80\x6e\xaa\x1d\xcf\xbb\xee\x98\x3f\xc1\x8d\x18\x23\x85\x5c\xb1\xde\xdc\x7c\x26\xb5\xfc\x36\x50\x06\xdd\xb7\xbd\x40\xd3\x55\x85\xfd\x5b\xe0\x1e\x03\x7c\xf5\x42\xce\x58\x56\x38\x92\x5c\xbd\x23\x38\x11\xce\x9b\xae\xbf\x01\x00\x00\xff\xff\x04\x32\x9e\x99\x9a\x02\x00\x00")
+var _verify_contactHtml = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\x6c\x92\x4f\x8b\xdb\x40\x0c\xc5\xef\xfe\x14\x22\x97\x5e\x52\xfb\x1e\x5c\xd3\x7f\xd0\x2e\x94\x1e\x36\xd9\xde\xe5\xb1\x12\x0f\x19\x8f\xa6\x92\x9c\x60\x16\x7f\xf7\x32\x1e\x48\xf7\xb0\x37\xf3\x24\x4b\xbf\xf7\x34\x6d\xea\x7e\x52\x08\x0c\xaf\xaf\x50\xff\xc6\x89\x60\x5d\xf7\x6d\x93\xba\xaa\x6a\x53\x77\x1a\x31\x5e\x61\xe1\x19\xce\x2c\xa0\x73\x3f\x79\x33\x1f\x2f\x80\x70\x7a\x7e\x3a\x7e\x81\x48\x76\x67\xb9\x82\xd0\xc5\xab\x09\x9a\xe7\x08\x42\x7f\x67\x52\xab\xe1\xc4\xd0\xd3\xc5\x47\xb0\x91\x40\xe8\xe6\xe9\x5e\x25\x61\x47\xaa\x7b\x48\x81\x50\x09\x5a\x84\x51\xe8\xfc\x69\x97\x01\xfe\x90\xf8\xf3\xf2\x8d\xa3\xa1\xb3\x97\xe7\x5f\xb0\xae\xbb\xee\xb6\x89\x99\x42\x80\x26\xf4\x01\xfa\x05\x5c\xf0\xee\x9a\x49\x6c\xf4\x5a\x05\x1f\xaf\x75\xdb\x60\x57\xc8\x9f\xce\x1b\xb3\xc3\x18\xd9\x4a\x2b\x70\xa1\xc8\x9d\x8f\xdd\x8e\xd3\x02\x18\x07\x48\xa8\x46\x8f\x3a\xf4\x14\xf8\x0e\x3e\x1a\x6f\x5b\xab\x5e\xf8\xae\x24\x80\xc3\x20\xa4\x0a\x3d\xca\xe1\x91\x51\xeb\x78\xa0\xee\x3d\xfa\x97\x48\x31\x17\x07\x58\xd7\xb6\xd9\xda\xde\xf2\x7d\x10\x82\x11\x6f\x9b\x09\xe1\xb9\x0f\x04\xc5\x6a\x56\x36\xb7\xae\x8c\x2a\xae\xdf\x50\x17\x35\xe3\x96\x2b\xe0\x30\xf9\xa8\x15\xda\xff\x34\xf3\x1f\xc6\x07\x9d\x53\x62\xb1\xcf\xc2\xb6\xdd\x06\x43\xed\x79\xd7\xbd\x2b\xe7\xfc\x80\x25\x27\x55\x96\x4f\xd3\x1c\xbd\x2d\xd5\x63\xe8\x68\x96\xf4\xd0\x34\x26\x5e\xf1\x63\x3e\xbc\x26\x74\x54\x6b\x40\x77\xad\x1d\x4f\xbb\xee\x98\x3f\xc1\x8d\x18\x23\x85\x3c\xb1\xde\x42\xfa\x4a\x6a\xf9\x91\xa0\x0c\xba\x6f\x7b\x81\xa6\xab\x0a\xfb\x8f\xc0\x3d\x06\xf8\xee\x85\x9c\xb1\x2c\x70\x24\xb9\x79\x47\x70\x22\x9c\xb6\xb8\xfe\x05\x00\x00\xff\xff\xee\x12\x41\x68\xa3\x02\x00\x00")
 
 func verify_contactHtmlBytes() ([]byte, error) {
 	return bindataRead(
@@ -378,12 +378,12 @@ func verify_contactHtml() (*asset, error) {
 		return nil, err
 	}
 
-	info := bindataFileInfo{name: "verify_contact.html", size: 666, mode: os.FileMode(0644), modTime: time.Unix(1659970605, 0)}
-	a := &asset{bytes: bytes, info: info, digest: [32]uint8{0x5e, 0xc9, 0xed, 0x24, 0x65, 0xb2, 0x8b, 0xa7, 0xb1, 0xcb, 0x2b, 0x6c, 0xc9, 0xf9, 0x29, 0x6d, 0x9c, 0x7f, 0x76, 0xaf, 0x6d, 0xce, 0xe9, 0xf1, 0xbc, 0xbc, 0xe4, 0x4a, 0x6b, 0xe9, 0x1, 0xcf}}
+	info := bindataFileInfo{name: "verify_contact.html", size: 675, mode: os.FileMode(0644), modTime: time.Unix(1716397070, 0)}
+	a := &asset{bytes: bytes, info: info, digest: [32]uint8{0x3c, 0x52, 0x65, 0x75, 0xd2, 0x79, 0x85, 0xc3, 0x4f, 0xf4, 0xcd, 0x35, 0x36, 0x90, 0x89, 0x50, 0x8e, 0x56, 0x0, 0x3c, 0x4, 0x25, 0x5d, 0x98, 0xee, 0xb3, 0x7, 0x4f, 0xd9, 0x71, 0x3d, 0xbd}}
 	return a, nil
 }
 
-var _verify_contactTxt = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\x74\x91\xcd\xae\xd3\x40\x0c\x85\xf7\xf3\x14\x67\xc7\xa6\xe4\x01\x58\xf1\x27\xc1\x95\x10\x8b\xdb\xc2\xde\x99\xba\x8d\x95\xc9\x38\xd8\x4e\xab\xe8\xaa\xef\x8e\x92\x81\x2b\x36\x6c\x8f\x7f\xbe\x73\xec\xaf\x5c\x8a\xe2\xe5\x05\xdd\x77\x9a\x18\x8f\xc7\x21\xa5\xd3\x40\x75\xc4\xaa\x0b\x2e\x6a\xf0\xa5\x9f\x24\x42\xea\x15\x84\xd3\xf3\xd3\xf1\x03\x2a\xc7\x5d\x6d\x84\xf1\x55\x3c\x8c\x42\xb4\xc2\xf8\xd7\xc2\x1e\x1d\x4e\x8a\x9e\xaf\x52\x11\x03\xc3\xf8\x26\x7c\xc7\x6c\x9a\xd9\xfd\x80\xb9\x30\x39\xef\xc0\x9f\x6c\x72\x59\x3f\x69\x0d\xca\xf1\xe3\xf9\x1b\x1e\x0f\xdc\x76\x6d\x63\x1b\x78\x22\x29\xe8\x57\xe4\x22\x79\xdc\xf8\x31\x88\xa3\x48\x1d\xbb\x94\x9e\x2e\xbb\xc3\x4c\xb5\x6a\xb4\x16\x68\x63\x6e\x1d\xaf\xa4\xac\xf3\x0a\xaa\x67\xcc\xe4\xc1\xaf\x75\xf4\x5c\xf4\x0e\xa9\xa1\x8d\xd6\x9b\xde\x9d\x0d\x74\x3e\x1b\xbb\xa3\x27\x7b\x97\xd2\x7f\x7c\xfe\xc5\xbf\x31\xc6\x40\xb7\xdd\x9b\xe9\xd2\x17\xfe\x93\x60\x53\xf6\xb5\xb9\x8d\xb5\x30\xff\x98\x6a\xea\xe6\xa6\x9d\x94\xce\x93\x54\x07\x05\x7c\x99\x67\xb5\x78\x6f\x1a\xfb\x61\xa9\x74\xa2\x50\xdb\xd2\xb5\x8d\xd3\xb4\x54\x89\x15\xc7\x42\x79\x44\x1e\xa8\x56\x2e\x08\x13\xa7\xb7\xdb\x5f\x7c\xa6\xcc\x9d\x6f\xd5\x2e\xeb\xd4\xa5\xf4\x91\x3d\xb6\x6f\x91\x9d\xfd\x90\x1a\xf1\x4b\xd1\x9e\x0a\x3e\x8b\x71\x0e\xb5\x15\x47\xb6\x9b\x64\xc6\x89\x69\x4a\xbf\x03\x00\x00\xff\xff\xa1\x44\x92\x89\x18\x02\x00\x00")
+var _verify_contactTxt = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\x6c\x91\xbd\x8e\xdb\x4a\x0c\x85\xfb\x79\x8a\xd3\xdd\xc6\x57\x0f\x90\x2a\x7f\x40\xb2\x40\x90\x62\xed\x4d\x4f\x8d\x68\x8b\xd0\x68\xa8\x90\x94\x0d\x61\xa1\x77\x0f\x24\x25\x8b\x14\x69\x39\x1c\x7e\xdf\x21\xbf\x72\x29\x8a\xd7\x57\x34\xdf\x69\x64\xac\xeb\x29\xa5\x4b\x4f\x75\xc0\xa2\x33\xae\x6a\xf0\xb9\x1d\x25\x42\xea\x0d\x84\xcb\xf3\xd3\xf9\x03\x2a\xc7\x43\x6d\x80\xf1\x4d\x3c\x8c\x42\xb4\xc2\xf8\xe7\xcc\x1e\x0d\x2e\x8a\x96\x6f\x52\x11\x3d\xc3\xf8\x2e\xfc\xc0\x64\x9a\xd9\xfd\x84\xa9\x30\x39\xef\xc0\x1f\x6c\x72\x5d\x3e\x69\x0d\xca\xf1\xf2\xfc\x0d\xeb\x8a\xfb\x5e\xdb\xd8\x06\x1e\x49\x0a\xda\x05\xb9\x48\x1e\x36\x7e\xf4\xe2\x28\x52\x87\x26\xa5\xa7\xeb\x6e\x98\xa9\x56\x8d\xa3\x05\x7a\x30\xb7\x8e\x37\x52\xd6\x69\x01\xd5\x0e\x13\x79\xf0\xdb\x3b\x5a\x2e\xfa\x80\xd4\xd0\x83\xd6\x9a\x3e\x9c\x0d\xd4\x75\xc6\xee\x68\xc9\xde\xa5\xf4\x2f\xcf\x97\xca\x35\x6b\xc7\x1d\xd6\xf5\x8f\xc7\x7f\xc6\xe8\xe9\xbe\x4b\x9a\xce\x6d\xe1\xdf\x51\xb6\xca\x3e\x3f\x1f\xff\x8f\x54\x7f\xd9\x1d\xd5\x4d\xeb\xd8\x2d\x75\xa3\x54\x07\x05\x7c\x9e\x26\xb5\x78\x6f\x1a\xfb\x86\xa9\x34\xa2\x50\xdb\x62\x1e\x13\xc7\x71\xae\x12\x0b\xce\x85\xf2\x80\xdc\x53\xad\x5c\x10\x26\x4e\xff\x6f\x07\xf2\x89\x32\x37\xbe\xbd\x36\x59\xc7\x26\xa5\x8f\xec\xb1\x9d\x8d\xac\xf3\x53\x3a\x88\x5f\x8a\xb6\x54\xf0\x59\x8c\x73\xa8\x2d\x38\xb3\xdd\x25\x33\x2e\x4c\x63\xfa\x15\x00\x00\xff\xff\xb0\x26\xe3\xf8\x21\x02\x00\x00")
 
 func verify_contactTxtBytes() ([]byte, error) {
 	return bindataRead(
@@ -398,8 +398,8 @@ func verify_contactTxt() (*asset, error) {
 		return nil, err
 	}
 
-	info := bindataFileInfo{name: "verify_contact.txt", size: 536, mode: os.FileMode(0644), modTime: time.Unix(1659970605, 0)}
-	a := &asset{bytes: bytes, info: info, digest: [32]uint8{0xfc, 0x55, 0x37, 0x5e, 0x1, 0xc5, 0x79, 0xd0, 0x2b, 0xbd, 0x1e, 0x7f, 0x8e, 0xa3, 0x8a, 0x8c, 0xe9, 0x7d, 0x5c, 0xcf, 0xff, 0x2f, 0x17, 0xac, 0xf7, 0x18, 0xc8, 0xa3, 0xff, 0x18, 0x86, 0x8a}}
+	info := bindataFileInfo{name: "verify_contact.txt", size: 545, mode: os.FileMode(0644), modTime: time.Unix(1716397074, 0)}
+	a := &asset{bytes: bytes, info: info, digest: [32]uint8{0x7e, 0xc5, 0xb5, 0xc8, 0x8e, 0xa6, 0x30, 0x45, 0xc2, 0x82, 0x58, 0x11, 0xa7, 0xa2, 0x85, 0x26, 0x6f, 0x56, 0x1f, 0xb3, 0x18, 0x37, 0x2c, 0x4f, 0xd0, 0x4b, 0x10, 0x96, 0xe5, 0xdd, 0x86, 0xb9}}
 	return a, nil
 }
 
diff --git a/pkg/gds/emails/emails.go b/pkg/gds/emails/emails.go
index 858022952..828c82697 100644
--- a/pkg/gds/emails/emails.go
+++ b/pkg/gds/emails/emails.go
@@ -47,7 +47,7 @@ type VerifyContactData struct {
 // VerifyContactURL composes the link to verify the contact from the context. If the
 // link is not able to be composed, the function returns an empty string and logs an
 // error because without the link the email is fairly useless.
-func (d VerifyContactData) VerifyContactURL() string {
+func (d VerifyContactData) VerifyContactURL() *url.URL {
 	var (
 		link *url.URL
 		err  error
@@ -55,11 +55,11 @@ func (d VerifyContactData) VerifyContactURL() string {
 	if d.BaseURL != "" {
 		if link, err = url.Parse(d.BaseURL); err != nil {
 			sentry.Error(nil).Err(err).Msg("could not include verify contact link in email, could not parse verify contact base url")
-			return ""
+			return nil
 		}
 	} else {
 		sentry.Error(nil).Msg("could not include verify contact link in email, no verify contact base url")
-		return ""
+		return nil
 	}
 
 	params := link.Query()
@@ -67,7 +67,12 @@ func (d VerifyContactData) VerifyContactURL() string {
 	params.Set("token", d.Token)
 	params.Set("registered_directory", d.DirectoryID)
 	link.RawQuery = params.Encode()
-	return link.String()
+	return link
+}
+
+func (d VerifyContactData) VerifyContactURLUnencoded() template.HTML {
+	url := d.VerifyContactURL()
+	return template.HTML(url.String())
 }
 
 // ReviewRequestData to complete review request email templates.
diff --git a/pkg/gds/emails/emails_test.go b/pkg/gds/emails/emails_test.go
index a3ad826e8..0b66d629a 100644
--- a/pkg/gds/emails/emails_test.go
+++ b/pkg/gds/emails/emails_test.go
@@ -120,8 +120,7 @@ func TestVerifyContactURL(t *testing.T) {
 		VID:     "42",
 		BaseURL: "http://localhost:8080/verify",
 	}
-	link, err := url.Parse(data.VerifyContactURL())
-	require.NoError(t, err)
+	link := data.VerifyContactURL()
 	require.Equal(t, "http", link.Scheme)
 	require.Equal(t, "localhost:8080", link.Host)
 	require.Equal(t, "/verify", link.Path)
diff --git a/pkg/gds/emails/templates/deliver_certs.html b/pkg/gds/emails/templates/deliver_certs.html
index d7cf4f43f..3965622fb 100644
--- a/pkg/gds/emails/templates/deliver_certs.html
+++ b/pkg/gds/emails/templates/deliver_certs.html
@@ -1,8 +1,8 @@
 <p>Hello {{ .Name }},</p>
 
 <p>
-  Your TRISA network registration has been approved! Your organization has been
-  granted identity certificates validating your membership to other TRISA
+  Your TRISA network registration has been approved (or reapproved)! Your organization
+  has been granted identity certificates validating your membership to other TRISA
   members via the TRISA Global Directory. Attached to this email are PKCS12
   encrypted certificates so that you can implement the TRISA protocol using mTLS
   with other network members to exchange Travel Rule compliance information.
@@ -20,13 +20,17 @@
 </ul>
 
 <p>
-  To decrypt your certificates, <em>you will need the PKCS12 password</em> that
-  you received when you first submitted your registration. To decrypt the
-  unzipped certificates on the command line, you can use <code>openssl</code> as
-  follows (you will be prompted to enter your password):
+  To decrypt your certificates, <em>you will need a PKCS12 password</em>. If this is
+  the first certificate you've received after registration, you'll need the PKCS12
+  password that was displayed during the registration process. If these are annually
+  re-issued certificates, you'll need the PCKS12 password that was emailed to you via a
+  one-time Whisper link preceding this email.
 </p>
 
-<pre>$ openssl pkcs12 -in INFILE.p12 -out OUTFILE.crt -nodes</pre>
+<p>
+  To decrypt the unzipped certificates on the command line, you can use <code>openssl</code>
+  as described in <a href="https://trisa.dev/joining-trisa/pkcs12/index.html#accessing-and-saving-the-certificates">our documentation</a>.
+<p>
 
 <p>
   For more information on integrating with the TRISA network, please see our
diff --git a/pkg/gds/emails/templates/deliver_certs.txt b/pkg/gds/emails/templates/deliver_certs.txt
index 7141003d9..5f051c62f 100644
--- a/pkg/gds/emails/templates/deliver_certs.txt
+++ b/pkg/gds/emails/templates/deliver_certs.txt
@@ -1,6 +1,6 @@
 Hello {{ .Name }},
 
-Your TRISA network registration has been approved! Your organization has been granted identity certificates validating your membership to other TRISA members via the TRISA Global Directory. Attached to this email are PKCS12 encrypted certificates so that you can implement the TRISA protocol using mTLS with other network members to exchange Travel Rule compliance information.
+Your TRISA network registration has been approved (or reapproved)! Your organization has been granted identity certificates validating your membership to other TRISA members via the TRISA Global Directory. Attached to this email are PKCS12 encrypted certificates so that you can implement the TRISA protocol using mTLS with other network members to exchange Travel Rule compliance information.
 
 The primary details of your directory entry are as follows:
 
@@ -11,9 +11,11 @@ Common Name: {{ .CommonName }}
 Serial Number: {{ .SerialNumber }}
 Endpoint: {{ .Endpoint }}
 
-To decrypt your certificates, you will need the PKCS12 password that you received when you first submitted your registration. To decrypt the unzipped certificates on the command line, you can use openssl as follows (you will be prompted to enter your password):
+To decrypt your certificates, you will need a PKCS12 password. If this is the first certificate you've recieved after registration, you'll need the PKCS12 password that was displayed during the registration process. If these are annually re-issued certificates, you'll need the PCKS12 password that was emailed to you via a one-time Whisper link preceding this email.
 
-openssl pkcs12 -in INFILE.p12 -out OUTFILE.crt -nodes
+To decrypt the unzipped certificates on the command line, you can use `openssl` as described in our documentation here:
+
+https://trisa.dev/joining-trisa/pkcs12/index.html#accessing-and-saving-the-certificates
 
 For more information on integrating with the TRISA network, please visit our documentation at https://trisa.dev/. If you have any questions, you may contact us at support@rotational.io or join us on our Slack channel trisa-workspace.slack.com. Please do not reply directly to this email.
 
diff --git a/pkg/gds/emails/templates/verify_contact.html b/pkg/gds/emails/templates/verify_contact.html
index 4e66b218a..a5e338264 100644
--- a/pkg/gds/emails/templates/verify_contact.html
+++ b/pkg/gds/emails/templates/verify_contact.html
@@ -7,7 +7,7 @@
 If you cannot click on the link, please copy and paste the link below into your
 browser address bar:</p>
 
-<p><code>{{ .VerifyContactURL }}</code></p>
+<p><code>{{ .VerifyContactURLUnencoded }}</code></p>
 
 If you're having trouble verifying your contact email, please contact the TRISA admins
 at <a href="mailto:support@rotational.io">support@rotational.io</a> or on our community
diff --git a/pkg/gds/emails/templates/verify_contact.txt b/pkg/gds/emails/templates/verify_contact.txt
index 3391c5f22..b79945c42 100644
--- a/pkg/gds/emails/templates/verify_contact.txt
+++ b/pkg/gds/emails/templates/verify_contact.txt
@@ -4,7 +4,7 @@ Thank you for submitting a TRISA network registration request. To begin the revi
 
 If you cannot click on the link, please copy and paste the link below into your browser address bar:
 
-{{ .VerifyContactURL }}
+{{ .VerifyContactURLUnencoded }}
 
 If you're having trouble verifying your contact email, please contact the TRISA admins at support@rotational.io or on our community Slack channel trisa-workspace.slack.com.