If you’re just getting to grips with building your own website, then you’re probably looking for a good SSL certificate for your site. After all, you want to ensure that your visitors feel secure when they’re visiting your website. Plus, if you don’t have a good SSL certificate installed then your website won’t even show up in some browsers!
One of the most used SSL certificates is undoubtedly Let’s Encrypt. This is no surprise, and it seems to get the job done and they even have a completely free SSL certificate that you can use. But is this a viable option for those who are building a serious website? Well, let’s find out.
Is Let’s Encrypt Free and Secure?
The answer is that yes, Let’s Encrypt is a free and secure option if you need an SSL certificate for your website. In fact, the whole point of Let’s Encrypt is giving the public free access to more security for their websites without making money from them.
Advantages of Let’s Encrypt
Let’s Encrypt generally focuses on offering the following with their SSL certificates;
- Free – Of course, the main point of Let’s Encrypt is to give us free SSL certificates! It’s actually a service provided by the San Franciscan Internet Security Research Group, who are trying to make our internet safer.
- Simple Setup – Let’s Encrypt SSL’s are relatively easy to set up on your websites, and some hosts will even do all of this for you. So, it won’t take up much of your time to get your site up using Let’s Encrypt.
- Support – If you check out the supporters page on Let’s Encrypt, you can see that two of the biggest browsers, Chrome and Firefox, both sponsor the company. This means that they’re unlikely to have any issues with these certificates any time in the near future.
The fact of the matter is that hundreds of millions of websites on the internet use Let’s Encrypt as their choice for SSL certificate. So, if you’re just setting up your first website or blog, then there’s no issue with you using a free SSL from these guys.
Are there instances when you’d be better off opting for a different SSL certificate? Yes, there are. Here are a few of the reasons you might not want to use a Let’s Encrypt SSL.
Why you might not want to use Let’s Encrypt
- Ecommerce & Larger Sites – Whilst you can still use a Let’s Encrypt SSL for an e-commerce site, it generally isn’t recommended. There are different types of SSL certificate out there; Let’s Encrypt only offer DV, or Domain Validated, certificates. However, a BV (Business Validation) or EV (Extended Validation) are generally better for e-com sites. These certificates are better for building trust with your customers. Though, they aren’t a necessity, as Shopify do use Let’s Encrypt on their online stores.
- Support – One of the big cons about using a Let’s Encrypt certificate is that you don’t get any real sort of support from them aside from the community they have. Of course, many people won’t need this. But if you have a big website with a lot of a traffic, and something goes wrong with your SSL, you want to be able to fix.
- 90 Day Validity – for most people won’t be a problem, but Let’s Encrypt certificates are only valid for 90 days. Many platforms offer the ability to update them automatically via the ACME system, but some may not. If yours doesn’t, then it can be a hassle to renew them.
- Single Domains only – Another downside of using a Let’s Encrypt SSL certificate is that they only offer single site domains. This won’t be enough if you need multicard or wildcard SSL certificate.
All in all, these are just some of the most important pros and cons of using a Let’s Encrypt SSL certificate. If you need something better, then check out my list of the best SSL certificates. Let’s recap and answer any other queries you might have.
Is Let’s Encrypt free?
Yes, the whole point of Let’s Encrypt is that they provide anyone with free website security without having to pay for it – that’s basically their mission plan!
Is Let’s Encrypt secure?
Yes, a Let’s Encrypt certificate is functionally as secure as any other cheap paid SSL certificate.
Why not use Let’s Encrypt?
You might not want to use Let’s Encrypt if you’re a medium or large sized business who may need the customer support that you get with a paid SSL. Also, e-commerce companies (even small ones) would do well to opt for a paid SSL certificate too.
Why are Let’s Encrypt certificates only 90 days long?
The main reason that their certificates are only 90 days long is that if something were to go wrong, like someone stealing your keys, then it’s much less of an issue tan if you had a year long certificate.
How are Let’s Encrypt making money if they’re free?
Let’s Encrypt is a non-profit, so their focus isn’t really on making money. Their work is mainly funded by donations from massive sponsors, Google being one of them.
In conclusion, a Let’s Encrypt certificate is perfect safe and secure for you to use on your website. However, for those who have a larger client site or an e-commerce store, you would probably be better off with purchasing a different type of SSL, which Let’s Encrypt do not offer.