Website visitors are warier about the sites they visit today, and an insecure website often gets shuffled to the bottom of search rankings. If you’re starting a new website or haven’t updated yours in a while, Let’s Encrypt is your best bet for a first Secure Sockets Layer (SSL) certificate.
This Certificate Authority (CA) is only of only a handful that provides free SSL certificates to website owners. However, there are limitations, and Let’s Encrypt SSL isn’t suitable for all types of websites.
Manage Multiple Free SSLs at One Place
Managing multiple SSLs on different platforms can be frustrating. Zero SSL lets you generate and manage up to three certificates valid for up to 90 days for $0 > Click here to learn more.
What is Let's Encrypt?
Let’s Encrypt is the fastest and easiest way to get an SSL certificate. It’s secure and trusted by all major browsers. Most importantly, Let’s Encrypt SSL certificates are user-friendly and a great advantage for new or non-commercial websites.
The organization itself is a Certificate Authority (CA) sponsored by the Internet Security Research Group. Its objective was to help increase the security and privacy aspects of the Internet by promoting HTTPS. Mozilla, Akamai, Cisco, the Electronic Frontier Foundation, Identrust, and the University of Michigan founded the initiative.
Let's Encrypt offers Domain Validated certificates — an SSL certificate that proves that you own or control the domain for your website. It does not verify your identity or confirm your organization’s legitimacy.
If you want a more comprehensive validation of who you are as an individual or business entity, other options are available, such as Extended Validation Certificates (EV).
Who Should Use Let's Encrypt?
Let's Encrypt is ideal for many use cases, but not all. Here are a few to get started, but remember that the list isn’t exhaustive.
Those with Limited Budgets
Let's Encrypt SSL certificates are 100% free, and you can request new certificates as often as you need them. If some of your SSL certificates expire after three months, others are about to expire and need renewing, or you just want to install a certificate for a new domain, Let's Encrypt will provide one for no cost.
Those With Limited Technical Skills
The biggest issue many people have with SSL certificates is setting them up on the web server. You can do this manually or through tools built into most hosting control panels. However, with Let's Encrypt, the process is even more straightforward because you can use the automatic installer with most hosting accounts.
Those Needing Only the Basics
Let's Encrypt provides Domain Validation (DV) level security which is sufficient if you're securing an eCommerce site that uses payment platforms like PayPal or Stripe to handle financial transactions instead of doing it yourself directly through your website.
DV-level security may not be the best option if you collect sensitive data like credit card numbers. Extended Validation (EV) level security would be much better in that situation because it includes extra steps like validating other forms of identification.
How to Install Let's Encrypt SSL On Your Website
Installing Let's Encrypt SSL is not particularly difficult or time-consuming. Still, it can be confusing if you've never done it before. The installation process varies from host to host. Many hosting companies provide an automatic SSL installation tool specifically for Let’s Encrypt users. The method may also vary depending on the control panel used.
Installing Let's Encrypt SSL on cPanel
- Log into your cPanel account and click on Let’s Encrypt SSL.
- Click +Issue next to the domain name you wish to secure.
- Select the domains and aliases you wish to include.
- Click the Issue button.
Installing Let's Encrypt SSL on Plesk
- Log into your Plesk control panel and select Extensions from the menu bar.
- Click on the Extensions Catalog panel.
- Find the Plesk extensions option and click the down arrow to open the submenu.
- Ensure a green checkmark on the Let’s Encrypt option, then click Continue.
- Once the extension is ready, select the domain you wish to secure.
- Provide your email address and click Install.
- Check the SSL/TLS support in the Security section, selecting Let’s Encrypt.
Most web hosts now offer Let's Encrypt SSL installation services through their user control panel (cPanel or Plesk). Many also have detailed instructions on their websites describing how to install the certificate manually by going through each step listed above.
If you're experiencing problems installing Let's Encrypt SSL on your own, contact your web host’s technical support team.
Which Web Host Supports Let’s Encrypt?
The mention of GoDaddy as a web host that’s Let’s Encrypt-friendly is a rarity. Almost all web hosting service providers make it as simple as possible for users to install Let’s Encrypt SSL certificates. Free SSL web hosts that we recommend include GreenGeeks, A2 Hosting, and TMD Hosting.
Learn more about your choices in Free SSL Hosting here.
How to Renew an Expiring Let's Encrypt SSL?
When do Let's Encrypt SSL certificate expire?
Let’s Encrypt issues certificates that are valid for 90 days. This short validity period is a security measure that allows Let's Encrypt to revoke compromised certificates quickly. It also makes it easier for Let's Encrypt to deal with certificate revocation by making it unnecessary.
If your certificate expires, visitors to your site will see a warning in their browser. You'll need to request and install a new certificate before the old one expires to prevent this from happening. Let's Encrypt will send you an email reminder when it's time to renew your certificates.
Renewing an Expiring Let's Encrypt SSL Certificate
When your Let's Encrypt SSL certificate is about to expire, it will automatically be renewed and replaced with a new certificate. When this happens, you need to do nothing. You can also manually renew your Let’s Encrypt SSL certificate via your cPanel or Plesk control panel.
Log in to your web hosting account’s control panel and head to the security section. Under the SSL/TLS manager > Certificates option, you can select “Renew” along with the domain name associated with the certificate.
Let’s Encrypt Disadvantages & Alternatives
The main disadvantage of using free Let’s Encrypt SSL Certificates is that they expire after 90 days, and you need to request a new one if your business is doing well and growing. While this isn’t a problem if your web host is Let’s Encrypt-friendly, that isn’t always the case.
Some web hosting service providers like GoDaddy don’t make Let’s Encrypt certificates easy to isntall. The process can be laborious, and renewal isn’t much better.
Let's Encrypt also doesn't provide any support for its users, so if something goes wrong with your website, you may have to figure out how to fix it yourself or find someone else who can help you with it.
Alternatives to Free Let's Encrypt SSL Certificate
While Let's Encrypt is the most commonly available free option for SSL, it’s not the only option. Among free alternatives, OpenSSL is another popular choice. It also includes some customizable features that aren't available through Let’s Encrypt.
In contrast, many commercial SSL certificates are available from reputable providers. These include GeoTrust, DigiCert, Sectigo, and more. You can get these certificates from many places online, but ensure that it’s a trusted SSL certificate provider.
Final Thoughts on Let’s Encrypt Free SSL
Today, running a website without an SSL certificate isn’t just suicidal in SEO aspects. It’s also extraordinarily callous and shows a disregard for the safety of your website visitors and indifference to your web property.
If you are looking for an easy way to improve your website's security and boost your SEO rankings, Let’s Encrypt SSL is fantastic. If you outgrow it at any point in the future, you’ll have the experience necessary to choose a better SSL certificate to meet your needs.