Let's Encrypt alternatives through ACME are growing

With the large number of attacks targeting websites, no need to remember that one of the essential means To prevent such attacks is still the adoption of security measures such as website encryption.

It is in this context that public services were launched in 2015 from the certification authority Let's Encrypt, which offers tools in this direction with the provision of automated means for the installation and renewal of free certificates. for the TLS encryption protocol.

To facilitate the deployment and adoption of HTTPS on the web, The authority has used different strategies. For example, through version 2 of the ACME (Automated Certificate Management Environment) protocol, it has offered "wildcard certificates" free of charge since March 2018.

They are intended to protect any number of subdomains of 'a basic domain. In other words, with these generic certificates, administrators can use a single certificate and key pair for a domain and all its subdomains, and no longer individually register a certificate for each web address as was the case until now. 'at that moment.

Let's Encrypt distributed a large volume of free certificates per day in 2016, sometimes exceeding the 100.000 certificate mark per day. At the end of June 2017, the authority indicated that it had passed 100 million certificates since its launch in December 2015. Let us remember that in February 2017, Let's Encrypt was used by 13,70% of all registered French domains.

In February 2020, Let's Encrypt reported delivering XNUMX billion certificates to the web. The announcement was made by Josh Aas and Sarah Gran on the company blog:

“We issued our 27 billionth certificate on February 2020, XNUMX. We will use this large round number as an opportunity to reflect on what has changed for us and for the Internet, which led to this event. In particular, we want to talk about what has happened since we last talked about a large number of certificates: one hundred million.

“One thing that is different now is that the web is much more encrypted than it used to be. In June 2017, around 58% of page loads were using HTTPS globally, 64% in the United States. Today, 81% of page loads use HTTPS worldwide, and we are 91% in the United States! It is an incredible achievement. It is much more privacy and security for everyone.

Through ACME, ZeroSSL has joined the small group of authorities certification They offer free 90-day certificates through ACME. As stated on the site, you have the option to protect your websites using SSL certificates for 90 days at no cost by subscribing to the free ZeroSSL plan. Validating the certificate only takes a few minutes and installation is as easy as it is with instructions every step of the way.

Users can also build trust, secure customer transactions and stay ahead of web threats by using one-year ZeroSSL Premium SSL certificates for one or more domains, which support wildcard certificates and take less than 10 minutes to install.

Activation of the SSL protocol allows to ensure the exchange of data between the website and Internet users. Security that has become essential in the eyes of users.

The ACME protocol (which stands for Automatic Certificate Management Environment, literally "Automatic Certificate Management Environment") is a communication protocol to automate exchanges between certification authorities and web server owners.

Getting more CAs to support ACME in this way is not about asking for Let's Encrypt to be discontinued, but about having more diversity in the ecosystem and making it more trustworthy.

Let's Encrypt could be in a disaster scenario (from simple mistake to decision to stop operations).

Whatever happens, even if a disaster scenario does not occur, it is always better to have options and this is what offers like ZeroSSL offer.

You also have to consider how easy it is to change ACs, which can be a bit of a chore.

The content of the article adheres to our principles of editorial ethics. To report an error click here!.

Be the first to comment

Leave a Comment

Your email address will not be published.



  1. Responsible for the data: Miguel Ángel Gatón
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.