JIYIK CN >

Current Location:Home > Learning > NETWORK >

Detailed introduction to Let's Encrypt

Author:JIYIK Last Updated:2025/03/16 Views:

Let's Encrypt is a free, automated, and open certificate authority that officially launched in April 2016. It was originally founded in 2012 by two Mozilla employees. Their goal for founding Let's Encrypt was really simple; to encrypt the entire web and make it a more privacy-respecting place. This might sound a little crazy, but as you know, Google has been pushing HTTPS heavily over the past few years. Let's Encrypt is really starting to make a big impact in the industry, especially as it relates to free SSL hosting.

Certificate authorities are the organizations that issue SSL/TLS certificates, which are responsible for encrypting your data and e-commerce transactions. Not just anyone can suddenly become a certificate authority, as they need to be trusted by many different platforms. Browsers and devices trust certificate authorities (CAs) by accepting root certificates into their root stores, which are basically databases of approved CAs that come pre-installed in your browser or device.

Trusted Root Certification Authorities

Microsoft, Mozilla, Apple, all have their own root stores. So to become a CA, you need to be trusted by some of the biggest names in the industry. When Let's Encrypt first launched, they received a cross-signature from IdenTrust, which made them trusted by all the major browsers. Read more about how Let's Encrypt works. For web hosts like Kinsta, Let's Encrypt now enables us to deploy SSL certificates in one click! The good news is, everything is instant and automated.

Let's Encrypt statistics

According to Let's Encrypt statistics, the number of websites and companies using Let's Encrypt has been growing at a very fast pace. As of January 2021, they have issued nearly 2.5 billion certificates and have over 75 million active SSL certificates. Thanks to the project, the encrypted web has grown from 40% to 58% in less than two years. This is partly due to many web hosting companies and CDN providers joining Let's Encrypt integration to provide free SSL hosting.

Free SSL Let's Encrypt Statistics

On average, they issue between 80k and over 600k SSL certificates per day.

Free SSL certificates issued daily

Let's Encrypt also believes in full transparency. All issued or revoked certificates are publicly logged and available for anyone to inspect. You can actually use this certificate search tool from COMODO to look up any issued Let's Encrypt certificate.

Let's Encrypt compatibility

There are two main factors that confirm the validity of a Let's Encrypt certificate. An invalid SSL certificate may cause users to face a "your connection is not private" error, which may drive them away. First, the platform must support IdenTrust's DST Root X3 certificates in its trust store. The second is that the platform must support modern SHA-2 certificates. The following browsers support Let's Encrypt certificates:

  • Mozilla Firefox v2 and above
  • Google Chrome
  • Internet Explorer on Windows XP SP3 and later (versions prior to SP3 cannot handle SHA-2 signed certificates)
  • Microsoft Edge
  • Android OS v2.3.6 and above
  • Safari v4 and above on MacOS
  • Safari on iOS v3.1 and later
  • Debian Linux v6 and later
  • Ubuntu Linux v12.04 and later

Therefore, you can rest assured that your free SSL certificate will work on 99% of devices.

What does free SSL hosting mean to us?

By having access to Let's Encrypt, it means you no longer have to deal with the messy process of obtaining certificate keys, private keys, debugging intermediate certificates, or generating CSRs. The process of obtaining an SSL certificate on your website and migrating to HTTPS just got a lot easier! It's basically a one-click integration now. Let's Encrypt is also completely secure. It's backed by companies and businesses like Automattic, Mozilla, Cisco, Google Chrome, Facebook, Sucuri - just to name a few.

SSL certificates from Let's Encrypt by design expire every 90 days. However, they can be automatically renewed on your server using certbot.

It’s important to note that Let’s Encrypt only supports domain-validated certificates. This means you’ll see a padlock in the address bar of your website, like this:

The https address bar shows a lock

However, they do not offer Organization Validation or Extended Validation certificates. This means that the certificates will not have a warranty, which is insurance for end users against losing money when submitting payments on SSL secured sites.

We do not anticipate that Let's Encrypt will support EV, as the EV process will always be manual and someone will have to pay for it.

So if you’re an enterprise or large business, Let’s Encrypt might not be for you. But the good news is that it should work fine for most personal websites.

Additionally, they will support wildcard certificates starting in January 2018. A wildcard certificate can secure any number of subdomains (for example *.domain.com). This allows a single certificate and key pair to be used for a domain and all its subdomains, which can significantly simplify HTTPS deployments.

Benefits of HTTPS

Don't forget the many advantages of running your WordPress site over HTTPS. By using our new Let's Encrypt integration, you can benefit from:

  1. Your data is now encrypted and secure. No plain text is passed around. This is important for e-commerce transactions of course, but even for logging into your WordPress site.
  2. Google has officially stated that HTTPS is a ranking factor.
  3. The green padlock bar helps build trust and credibility with your visitors.
  4. Avoid the Chrome warning released in January 2017 that marks HTTP pages that collect passwords or credit cards as unsafe.
  5. Better, more accurate referral data. By default, HTTPS to HTTP referral data is blocked in Google Analytics.
  6. By using Let's Encrypt and enabling HTTPS, you can benefit from HTTP/2 on your site, which means performance improvements.
  7. Now you can also benefit from free SSL hosting.

Verifying Your SSL Certificate

There are a few ways to verify that your site is now using a Let's Encrypt certificate. If you are overwriting your current custom SSL certificate, it's a good idea to check that everything is set up correctly. One way is to browse to your site via https:// and open Chrome Devtools.

  • Windows: F12OrCtrl + Shift + I
  • Mac:Cmd + Opt + I

Click on the Security panel and then click View Certificate. Then you can check the issuer. It should be "Let's Encrypt Authority X3".

Certificates issued by Let's Encrypt

The easiest way to do this is to use the free SSL Checker tool from Qualys SSL Labs. Enter your domain and have it scan your site.

For reprinting, please send an email to 1244347461@qq.com for approval. After obtaining the author's consent, kindly include the source as a link.

Article URL:

Related Articles

How to redirect a website from HTTP to HTTPS

Publish Date:2025/03/16 Views:117 Category:NETWORK

HTTPS is a protocol for secure communication over computer networks and is widely used on the Internet. More and more website owners are migrating from HTTP to HTTPS, mainly due to the following 5 reasons: Google announced that websites usi

How to Fix the “SSL Handshake Failed” Error (5 Methods)

Publish Date:2025/03/16 Views:96 Category:NETWORK

Installing a Secure Sockets Layer (SSL) certificate on your WordPress site enables it to use HTTPS for a secure connection. Unfortunately, there are a lot of things that can go wrong in the process of verifying a valid SSL certificate and e

10 Ways to Fix NET::ERR_CERT_DATE_INVALID Error

Publish Date:2025/03/16 Views:136 Category:NETWORK

Having an SSL certificate gives people more peace of mind when using your website. When the NET::ERR_CERT_DATE_INVALID error indicates a problem with the certificate, it blocks visitors from accessing your website until the problem is fixed

HTTP2 Tutorial - How to use HTTP/2 with HTTPS

Publish Date:2025/03/16 Views:84 Category:NETWORK

HTTPS is used to build ultra-secure networks connecting computers, machines, and servers to handle sensitive business and consumer information. HTTP/2 browser support includes HTTPS encryption, which actually complements the overall securit

How to Fix ERR_SSL_PROTOCOL_ERROR Error

Publish Date:2025/03/17 Views:96 Category:NETWORK

If your website won’t load over a secure connection due to an error like ERR_SSL_PROTOCOL_ERROR, then this is the right place to start. In this article, we’ll explain what this type of error means and walk you through how to fix it so y

在 Python 中导入 OpenSSL

Publish Date:2023/12/20 Views:204 Category:Python

本教程演示了如何在 Python 中使用 OpenSSL。我们旨在学习如何在 Python 中使用 OpenSSL。安装 OpenSSL Python 库

使用 Java 创建 HTTPS 服务器

Publish Date:2023/08/10 Views:285 Category:Java

本文介绍如何使用 Java 创建简单的 HTTPS 服务器。使用 Java 创建 HTTPS 服务器 在用JAVA创建HTTPS服务器之前,我们必须确保已经生成了服务器将使用的Keystore和Truststore。

Scan to Read All Tech Tutorials

Social Media
  • https://www.github.com/onmpw
  • qq:1244347461

Recommended

Tags

Scan the Code
Easier Access Tutorial