Let’s Encrypt Offers Free Multi-Domain HTTPS Certificates Thumbnail
Encryption 28 March 2018

Let’s Encrypt Offers Free Multi-Domain HTTPS Certificates

Grant Gross
By Grant GrossGuest AuthorTechnology Reporter

Let’s Encrypt, a nonprofit certificate authority launched in 2016, has delivered on its pledge to offer free certificates that enable secure HTTP connections for complete domains.

The organization’s new wildcard certificate service, allowing website operators to secure all subdomains of a domain with a single certificate, should help the Internet become more secure by enabling wider deployment of HTTPS, Josh Aas, executive director of the Internet Security Research Group, wrote in a blog post. (Full disclosure: the Internet Society is a major sponsor of Let’s Encrypt.)

Last July, Let’s Encrypt had promised that it would offer free wildcard certificates. With the recent release of the ACMEv2 [Automatic Certificate Management Environment] Protocol, the organization delivered on that promise.

“Wildcard certificates can make certificate management easier in some cases, and we want to address those cases in order to help get the Web to 100% HTTPS,” Aas wrote. “We’re excited about the prospect of a 100% HTTPS Web and we’re working hard to get there.”

A wildcard certificate isn’t recommended for all websites, Aas noted. In most cases, other certificates, such as single-domain ones, will be more appropriate.

Although wildcard certificates enable streamlined management of HTTPS, some security experts see a potential vulnerability when one is used to secure a large number of websites and the certificate’s private key is compromised. Then, the hacker could use the key to set up a rogue website.

The new wildcard certificates are only available with the new ACMEv2 protocol. To use ACMEv2 for wildcard or non-wildcard certificates, websites will need to be updated to a new ACME client, Aas wrote. Let’s Encrypt will continue to support ACMEv1 for now.

To get started with TLS on your site, please see our Deploy360 TLS resources and our encryption page.

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Encryption 21 September 2023

Techxit: The UK Declares Its Exit from the High-Tech Startup World

No one in their right mind would now want to start up a high-tech company in the UK. With...

Encryption 11 August 2023

Encryption, Bad Bills, and Ripple Effects: How Riana Pfefferkorn Protects the Internet

We spoke with Riana Pfefferkorn, research scholar at the Stanford Internet Observatory, about encryption and protecting the Internet.

Strengthening the Internet 14 June 2023

Speak Out Against Bills That Threaten End-to-End Encryption

The EARN IT Act, STOP CSAM Act, and KOSA in the United States threaten to weaken end-to-end encryption which...