Let’s Encrypt, the open Certificate Authority, passed 5 million active (unexpired) certificates this week. The project came out of beta in April and has grown rapidly in the past few months. At the end of June, Let’s Encrypt reported that it had 3.8 million active certificates covering more than 7 million unique domains. In a little over a month, the number of active certificates has passed 5 million.
Let’s Encrypt attributes this growth to large-scale deployments from companies such as OVH, WordPress.com, Akamai, Shopify, Dreamhost, and Bitly.
The release of cPanel and WHM version 58.0.17 will also contribute to the growth, as it adds support for Let’s Encrypt to cPanel’s AutoSSL feature. This allows hosts to trigger the automatic request and installation of Domain Validated SSLs for their customers.
According to Benny Vasquez, cPanel’s Community Manager, adding support for Let’s Encrypt wasn’t even on cPanel’s roadmap until earlier this year. They decided to fast track it after it became the most requested feature from cPanel’s community, with more than 900 votes.
In an interview with Opensource.com Josh Aas, founder of the Internet Security Research Group (ISRG), explained why he and Eric Rescorla decided to build a new Certificate Authority, as opposed to trying to change existing authorities.
“Eric and I believed that the Web needed a free and entirely automated way for anyone to get a certificate, ideally in a matter of seconds,” Aas said. “We wanted the system to be capable of automating all management on the client side, so that turning on TLS wouldn’t require knowing any details about how to request, pay for, properly install, configure, or renew certificates.”
Aas said that almost none of their ideas were entirely original but that mainstream certificate authorities had no incentive to adopt them into the ecosystem. With the help of sponsors like Mozilla, Automattic, Cisco, Facebook, and Akamai, they were able to realize their vision of creating a free, automated, and open certificate authority.
In June, Let’s Encrypt reported on its progress towards accelerating the growth of HTTPS on the web:
When we launched in December of 2015, 39.5% of page loads on the Web used HTTPS (as measured by Firefox Telemetry). By mid-April 2016 that number was up to 42% and today it stands at 45%.
Self-hosted WordPress site owners who want to install a free Let’s Encrypt certificate have a few options. There are several tutorials for setting it up yourself:
- How to Add Free SSL in WordPress with Let’s Encrypt
- Securing your self-hosted WordPress website with Let’s Encrypt – video
- HTTP/2, HTTPS, Let’s Encrypt and WordPress
The WP Encrypt plugin, created by Felix Arntz, is another option that makes it easy for users to register, generate, renew, and revoke certificates for a WordPress site directly from the admin. It also automatically renews existing certificates before they expire. The plugin is fully compatible with both multisite and multi-network installations where it will generate the certificate for all sites on a single network or all sites in all the networks. WP Encrypt is available for free on WordPress.org.
It’s the automation that makes me love Let’s Encrypt. I used to buy SSLs and the issuing and renewing was a huge pain in the ass. I always dreaded it.