Let’s Encrypt — A Free Security Certificate for Your Website

owl-mascot

Since Edward Snowden publicly revealed the depths and widths of global internet surveillance, encrypting the web has become a hot issue. One of the best safeguards against hijacking communication transmitted through your website that I have come across is called Let’s Encrypt.

What Is Let’s Encrypt?

Let’s Encrypt offers automated domain validated certificates to any website owner completely for free. These are the certificates that make your website start with https:// instead of http://.

Let's Encrypt TLS certificate issued for stosu.com

Let’s Encrypt TLS certificate issued for stosu.com

They are often called SSL certificates, although the Secure Sockets Layer protocol is now deprecated and completely superseded by the Transport Layer Security or TLS protocol. This is also the protocol Let’s Encrypt utilizes for issuing certificates.

Let’s Encrypt started issuing certificates in public beta is now sponsored by many of the largest and most well-known online companies, including Google, Facebook, Mozilla, Akamai, or Automattic.

You can read more about the certificate issuance process here.

Just to be clear, Let’s Encrypt does not offer organization validated or extended validation certificates. These are the ones that require notarized documents to be submitted to the certificate authority (CA). The CA then reviewes and double-checks all submitted information and issues a certificate.

Those certificates come with a green browser bar containing the name of the organization which operates the domain. And they are quite pricey…

Comparison of Symantec SSL certificates

Comparison of Symantec SSL certificates

The $1000 price mark is not unusual for these extended validation certificates.

The Benefits

The benefits of using a security certificate for your domain are obvious:

  • you fight back against a big brother style total surveillance of the web
  • you make sure that attackers are not able to hijack your site’s sessions
  • you make sure that your visitors’ and, more importantly, your customers’ information are transmitted securely

Hosting Providers Implementing Free SSL Certification

Several hosting companies have already implemented the Let’s Encrypt solution.

Here is a list of those hosting providers who are publicly stating so:

I am using Cyon’s services myself. And they made activating the security certificates truly idiot-proof. Look…

Let's Encrypt SSL certificate management implementation by Cyon

Let’s Encrypt SSL certificate management implementation by Cyon

A free one-click approach to getting an SSL certificate is the best and most user-friendly way to make web communication more secure. Other hosting providers should and will follow in their tracks.

An explosion of free certificates issued

An explosion of free certificates issued — https://letsencrypt.org/stats/

Implement It Yourself

Of course, you can also request a certificate for your domain yourself. There are automated modules available for Apache and Nginx servers in the master GitHub branch: https://github.com/letsencrypt/letsencrypt.

In case you don’t have access to your server’s root or don’t want to allow access to it, you can use: https://github.com/diafygi/letsencrypt-nosudo.

There’s also this handy list comparing 10 Lets Encrypt clients.

There are several nicely written tutorials regarding the technical aspects of the implementation.

Just Google or read through one of the following write-ups:

Final Thoughts

In conclusion, there’s not much to add but a great and heartfelt thank you. Thank you, Let’s Encrypt people.

In my mind, Let’s Encrypt is another strong link in the security chain that already involves GNU Privacy Guard, GPG4Win, Enigmail, Mailvelope, and ProtonMail.

All these tools are totally awesome and totally free.

Liked this post?

Subscribe to our newsletter to receive early notification of new posts and deals:

Next Post »« Previous Post

Leave a Reply

Your email address will not be published. Required fields are marked *