Let's Encrypt

Let's Encrypt is a free, automated, open certificate authority run by the Internet Security Research Group (ISRG). It provides SSL/TLS certificates at no cost with automated issuance and renewal, and it has fundamentally changed the hosting industry by making HTTPS the default for every website.

Before Let's Encrypt, SSL certificates cost $10-100+ per year per domain, making HTTPS impractical for small sites and budget hosting plans. Now, every major hosting control panel includes Let's Encrypt integration that automatically provisions and renews SSL certificates for all hosted domains without any cost or manual intervention.

cPanel includes AutoSSL with Let's Encrypt support (and Sectigo as an alternative). Plesk has a built-in Let's Encrypt extension. DirectAdmin and CyberPanel also include native integration. The result is that new hosting accounts get SSL certificates automatically within minutes of domain setup.

The technical implementation uses the ACME protocol (Automated Certificate Management Environment) for domain validation and certificate issuance. Certbot is the most popular ACME client, but dozens of alternatives exist for different platforms and use cases. Certificates are valid for 90 days and are designed to be auto-renewed well before expiry.

Let's Encrypt issues Domain Validation (DV) certificates and supports wildcard certificates (*.example.com) via DNS-01 challenges. While it does not offer Organization Validation (OV) or Extended Validation (EV) certificates, DV certificates provide the same encryption strength and are sufficient for the vast majority of websites.

The service issues billions of certificates and secures hundreds of millions of websites. It is one of the most impactful open-source projects in internet history.