Let's Encrypt free certificates now trusted by major browsers

Let's Encrypt is well on the way to offering HTTPS to everyone for free.

Let's Encrypt reached a major milestone this week by announcing the project's free security certificates are now trusted by all major browsers including Firefox and Chrome.


San Francisco-based Let's Encrypt is a free open-source certificate authority (CA) operating under the Internet Security Research Group (ISRG).

Supported by the likes of Mozilla, Cisco, Akamai and EFF, the project aims to offer free trusted security certificates to better encrypt communication across web domains. The automatic process offered by Let's Encrypt will serve as a platform for the expansion of the TLS security protocol, and all certificates issued or revoked will be transparent and on public record.

Last month, Let's Encrypt issued its first digital certificate. The test certificate was based on an ISRG root which was only available as a demo, but the project has rapidly developed in the past several weeks -- resulting in the authority becoming trusted by all major browsers.

A cross-signature needed to be in place before security certificates could be issued fully to the public. One of Let's Encrypt's partners, SSL certificate provider IdenTrust, has shouldered this task and granted the project the cross-signatures requires to make the certificates trustworthy.

ISRG Executive Director Josh Aas calls this partnership a "major milestone" as "visitors to websites using Let's Encrypt certificates can enjoy a secure browsing experience with no special configuration required."

Let's Encrypt intermediate certificates, Let's Encrypt Authority X1 and Let's Encrypt Authority X2, are now equipped with IdenTrust cross-signatures. The public should be able to sign up for their own free certificates in November, whether for personal or commercial use.

Encryption and secure communication have become a battlefield topic between technology companies and government bodies of late.

Police and intelligence agencies are concerned that across-the-board encryption will make tracking criminals and their activities difficult while consumers have turned in their droves towards anonymizing and surveillance-thwarting services in the wake of spying revelations leaked to the media by former NSA contractor Edward Snowden.

Let's Encrypt's certificates make secure communications cheaper and, come November, will be available for webmasters to implement -- a victory on the side of encryption. In addition, by adding HTTPS protocols to websites, operators will enjoy higher search rankings. Google has previously called for "HTTPS Everywhere" and so webmasters which take advantage of the free certificate authority will reap the benefits.

See also: US says no to encryption law - for now

Aas commented:

"Vital personal and business information is flowing over the Internet more frequently than ever, and it's time to encrypt all of it. That's why we created Let's Encrypt, and we're excited to be one big step closer to bringing secure connections to every corner of the Web."

Read on: Top picks

Show Comments