Let’s Encrypt Offers Free Multi-Domain HTTPS Certificates Thumbnail
Encryption 28 March 2018

Let’s Encrypt Offers Free Multi-Domain HTTPS Certificates

Grant Gross
By Grant GrossGuest AuthorTechnology Reporter

Let’s Encrypt, a nonprofit certificate authority launched in 2016, has delivered on its pledge to offer free certificates that enable secure HTTP connections for complete domains.

The organization’s new wildcard certificate service, allowing website operators to secure all subdomains of a domain with a single certificate, should help the Internet become more secure by enabling wider deployment of HTTPS, Josh Aas, executive director of the Internet Security Research Group, wrote in a blog post. (Full disclosure: the Internet Society is a major sponsor of Let’s Encrypt.)

Last July, Let’s Encrypt had promised that it would offer free wildcard certificates. With the recent release of the ACMEv2 [Automatic Certificate Management Environment] Protocol, the organization delivered on that promise.

“Wildcard certificates can make certificate management easier in some cases, and we want to address those cases in order to help get the Web to 100% HTTPS,” Aas wrote. “We’re excited about the prospect of a 100% HTTPS Web and we’re working hard to get there.”

A wildcard certificate isn’t recommended for all websites, Aas noted. In most cases, other certificates, such as single-domain ones, will be more appropriate.

Although wildcard certificates enable streamlined management of HTTPS, some security experts see a potential vulnerability when one is used to secure a large number of websites and the certificate’s private key is compromised. Then, the hacker could use the key to set up a rogue website.

The new wildcard certificates are only available with the new ACMEv2 protocol. To use ACMEv2 for wildcard or non-wildcard certificates, websites will need to be updated to a new ACME client, Aas wrote. Let’s Encrypt will continue to support ACMEv1 for now.

To get started with TLS on your site, please see our Deploy360 TLS resources and our encryption page.

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Strengthening the Internet 30 May 2024

Bill S-210 Threatens Canadians’ Access to the Internet 

Canadian Bill S-210 threatens to break the Internet in Canada and fragment Canadians' access. Help spread the word that...

Strengthening the Internet 12 March 2024

Nevada Wants to Reduce Online Protections for Children: All Internet Users Should Benefit from Strong Encryption

Protect children online by supporting end-to-end encryption in Facebook Messenger. Join us in the fight against weakening online protection...

Strengthening the Internet 31 January 2024

Keeping Kids Safe Online: Navigating the New Parents’ Guide to Encryption

Do you know how you're keeping your kids safe online? Using encryption, there are simple changes you can make...