n case you are not up to date, since April 2016 there has been a big change in the world of SSL certificates.
Mozilla, Akamai, Cisco and other big companies have joined forces and executed a new project called “Let’s encrypt” which offers to issue a free SSL certificate to everyone who needs it.
This is a huge event in the world of SSL certificates.
Website owners pay a lot of money in order to purchase SSL certificates issued by an authorized issuer (CA).
One of the main interests of every issuer is to be trusted by all web browsers (or at least all major browsers such as Chrome, Firefox, and IE). And for this purpose, issuers pay very large amounts of money. So the fact that an authorized issuer (Let’s encrypt) issues SSL certificates for free, is a really big thing.
Big money is involved here! So how come someone would want to issue free SSL certificates? What’s going on?
Let’s encrypt deeply believes in securing the internet and making it a safer place for all of us.
When we use the HTTP protocol, all of our internet activity is forwarded in clear-text, including credit card numbers! When using a physically secure link, such as a physical wire between two computers, this is not a problem. But when using WiFi for example, everyone who uses the same WiFi can theoretically see all of our traffic!
This is why SSL is so important. SSL secures HTTP and turns it into an HTTPS connection that encrypts our internet activity so that any sniffers or hackers that are monitoring traffic, have no idea what they are looking at!
For more information about how Let’s Encrypt SSL works, check out their article.
There are still a few cons to using Let’s encrypt versus using an SSL provider that you pay money for. For example, Let’s encrypt requires you to renew your certificate every 3 months and still doesn’t support EV certificates and wildcard certificates. However, Let’s encrypt is constantly being worked on, so all of these issues might be fixed in the future.
As an example, although Let’s encrypt does not currently support wildcard certificates, according to Let’s encrypt, support for wildcard certificates is planned for 2018.
If you own a non-commercial website, Let’s encrypt is just right for you! However, I can not yet fully recommend Let’s encrypt for commercial websites due to certain limitations.
Although Let’s encrypt certificates are supported in newer versions of all major browsers which is used by most people, there will still be some people with older versions who will receive a warning about your certificate. Additionally, Let’s encrypt is not supported on JAVA based phones, and is not covered by insurance. There may be additional limitations which are not described here. So be sure to check out other sources, such as the Legal Repository and FAQ before using Let’s encrypt.
Looking at how fast Let’s encrypt is growing, I predict that in the future Let’s encrypt will certainly scale up and will become a major player in the SSL certificate field, so pay attention!