Let’s Encrypt is the name of a famous and free SSL certificate provided by the private Internet Security Research Group (Internet Security Research Group) to active domains in the global web network.
This free SSL certificate is launched and supported by large companies such as Google Chrome, Amazon, Facebook, and Cisco. This certificate has been granted to 240 million websites, and people are still receiving this certificate from ISRG.
In the following, we will examine this security certificate and its advantages and disadvantages.
The difference between a standard SSL certificate and a free SSL. Let’s Encrypt
Free SSL is very popular despite its great appeal, and no need to pay.
Suppose you do not own an online store or do not need to activate an online payment portal for your customers. In that case, it is possible that you will not be aware of the differences between free and standard security certificates.
Because the security of your site becomes key and vital when you need to receive sensitive information from your users. Information that may cause problems for your business, such as account, identity, or personal information.
If not done on time, security certificate renewal can damage your site’s rankings and SEO.
And free certificates also usually require frequent renewals, up to 4 times a year, which may cause forgetting or delay in doing this work.
Therefore, it is recommended to use a standard SSL certificate for your business if possible.
Free SSL security certificate activation
SSL certificate is a special and secure protocol called //:https for sending information on the web platform. You have to pay a fee to activate your site domain. But free samples such as Let’s encrypt are also provided for this certificate that you can use.
The use of SSL in websites is to secure the information of users and site owners in sending and receiving them. So that this protocol, unlike the //: HTTP protocol, encrypts the information before sending it and then sends it to the destination. The destination also decrypts the information using the key received from the source. This greatly reduces the possibility of information being stolen and leaked at the time of sending. The green lock next to the URL indicates that the domain security certificate is active.
Disadvantages of using Let’s Encrypt free SSL certificate
This free SSL is valid for 90 days and needs to be renewed continuously.
It is impossible to activate the payment gateway on these domains and must be an annual SSL.
Let’s encrypt users who have only one command line interface.
Users have to edit and work with Apache, which is relatively difficult.
Let’s encrypt support for the Nginx web server has not been confirmed yet.
The software on the server must be developed for Let’s Encrypt, free SSL clients.
Ecommerce centers do not approve free SSLs like Let’s Encrypt.
This type of SSL only supports domain validation (DV), which has the lowest level of security among SSLs. Let’s Encrypt security certificate does not support EV, OV, or IV types.
Let’s Encrypt does not have a free WILDCARD type.
Using a free site security certificate does not insure your site.
Let’s encrypt has no support and no warranty.
Request for certificate or CSR in this type of SSL cannot be customized.
Getting the two-star symbol of the SSL certificate requires at least six months of validity, and the domain with the Let’s Encrypt certificate cannot receive this symbol.
The benefits of using Let’s Encrypt’s free SSL certificate.
Being free and not needing to pay for activation
The possibility of free renewal of the certificate every three months
High popularity and installed on hundreds of millions of domains
The possibility of automatic adjustment for programs and automatic renewal
From the user’s point of view, it is no different from paid SSL
Optimal TLS security for small and enterprise sites
Limitations of using free SSL Let’s Encrypt
In addition to the disadvantages mentioned above, free security certificates also have limitations for their users.
Let’s Encrypt is a SAN or UUC certificate that can be activated on several domains simultaneously.
When creating the certificate, all these domains and their subdomains must be declared to the issuer, and up to 100 domains can use a security certificate jointly.
If different domains of a separate site are hosted, we must install a separate SSL certificate for each one.
Another limitation of Let’s Encrypt is that 20 certificates can be issued weekly for connected domains and subdomains.
We need to send duplicate free ssl issuance requests for diffSSLnt domain formats.
We can have up to 5 similar and repeated certificate requests during the week.
Government sites and political organizations of Iran and countries under sanctions do not have the right to use Let’s Encrypt’s free SSL certificate. (.ir sites are free)
Renewal of SSL certificates for multiple domains must be done manually, and all those domains must be selected for renewal.
Automatic renewal of Let’s Encrypt applies only to the main domain, parked domains, and their subdomains.
At site security certificate activation or renewal, all domains must be authenticated. If a site is unavailable, renewal or purchase will not be successful.