Let's Encrypt free wildcard certificates now live

The authority says the free certificate service will "break down barriers for HTTPS adoption across the Web."
Written by Charlie Osborne, Contributing Writer
Christopher Schirner

A project dear to its heart, Let's Encrypt has now made wildcard certificate support live in the next step to encrypt the Web.

The certificate authority, which offers free SSL and TLS certificates to webmasters, said this week that support is now live for wildcard certificates, alongside ACMEv2.

First announced back in 2017, Let's Encrypt "wildcard" certificates are free certificates for HTTPS deployment. The wildcards act in the same way as traditional TLS certificates but can be used to secure a domain and unlimited sub-domains on a single certificate, making deployment quicker.

Another important aspect is that these certificates are free, which means that any webmaster can use them to enable encryption without opting for pricey alternatives.

ACMEv2 is an updated version of the organization's ACME protocol which has undergone IETF standards checks. A variety of clients and browsers support the system, and ACMEv2 is required to use wildcard certificates.

"Wildcard certificates can make certificate management easier in some cases, and we want to address those cases in order to help get the Web to 100 percent HTTPS," Let's Encrypt said. "It is our intent to transition all clients and subscribers to ACMEv2, though we have not set an end-of-life date for our ACMEv1 API yet."

See also: How to use Let's Encrypt to secure your websites

In January, Let's Encrypt disabled TLS-SNI-01 validation after researchers discovered an attack which harnessed the protocol in cyberattacks.

The ACME TLS-SNI-01 challenge type can be used to exploit some shared hosting infrastructures to obtain certificates for websites that attackers do not own.

For your smart office: Must-have gadgets and accessories (in pictures)

Previous and related coverage

Editorial standards