Let’s Encrypt’s beta program is now open to the public a year after the service was first announced. Let’s Encrypt adds software automation to the Domain Validation (DV) certificate creation, which means the certificates can be provided free of charge to anyone.
The certificate business has been disliked by many website developers because they didn’t like having to pay for something that they believe should be free. The digital certificate is only a file that is signed by a Certificate Authority. However, not that many sites were using HTTPS encryption in the past, and Certificate Authorities had to charge even for something as simple as DV certificates to develop a business.
In the past few years, especially after the Snowden revelations in 2013, many more sites have started using HTTPS encryption by default. There has also been no major performance issue with using HTTPS encryption in recent years due to how powerful computing hardware has become. The recently standardized HTTP/2 protocol in encrypted mode can also be even faster than the unencrypted HTTP/1.1 protocol, making the transition to fully encrypted websites even easier for all developers.
Because of Let’s Encrypt, some major Certificate Authorities are also considering offering free DV certificates and switch to a more “freemium” business model. They could soon give out DV certificates for free, but continue to charge for Extended Validation certificates, as well as other security services.
Let’s Encrypt has already issued 26,000 certificates in the limited beta period, which made the team behind it confident enough that they can now launch the public beta. Let’s encrypt is supported by organizations and companies such as the EFF, Mozilla, Cisco, and Akamai, which are “Platinum” sponsors. Facebook has also recently become one of the “Gold” sponsors of the project.
Alex Stamos, Chief Security Officer at Facebook, said, “Making it easier for websites to deploy HTTPS encryption is an important step in improving the security of the whole internet, and Facebook is proud to support this effort.”
Instructions for how to install the Let’s Encrypt client and get a free certificate can be found here. Other developers have also created alternative clients that can be simpler or easier to use. However, with these clients, you'll have to manually handle the renewable of the certificates yourself, whereas Let's Encrypt's official client does it automatically every 90 days.
Lucian Armasu joined Tom’s Hardware in early 2014. He writes news stories on mobile, chipsets, security, privacy, and anything else that might be of interest to him from the technology world. Outside of Tom’s Hardware, he dreams of becoming an entrepreneur.
You can follow him at @lucian_armasu. Follow us on Facebook, Google+, RSS, Twitter and YouTube.
Remember folks, disable SSL V1, 2 and 3. They are now totally insecure. Only TLS 2.0 still works.
Ummm... TLS 2.0 doesn't exist. It's actually TLS 1.0, 1.1 and 1.2.
Umm...depending on which reports you believe, Microsoft IIS runs on nearly 40% of web servers, although I'm sure much of that is email server share. Those need certificates too.