Let's Encrypt icon
Let's Encrypt icon

Let's Encrypt

 123 likes

Anyone who has gone through the trouble of setting up a secure website knows what a hassle getting and maintaining a certificate can be. Let’s Encrypt automates away the pain and lets site operators turn on and manage HTTPS with simple commands.

Let's Encrypt's homepage

License model

  • FreeOpen Source

Application type

Country of Origin

  • US flagUnited States

Platforms

  • Self-Hosted
4.3 / 5 Avg rating (7)
123likes
7comments

Features

Suggest and vote on features
  1.  Support for scripting
  2.  Supports SSL Certificates
  3.  SSL
  4.  Support for TLS

Let's Encrypt News & Activities

Highlights All activities

Recent News

Show more news

Recent activities

Show all activities

Comments and Reviews

   
 Post comment/review
Top Positive Comment
John Fastman
Dec 31, 2016
6

When you connect to a website, you either do it by http or https. The 's' in the second case stands for 'secure'. It means that the data traveling between your computer and the website (in both directions) is encrypted. That in turn means people in between your computer and the website's server (e.g. your internet service provider, hackers, federal investigators and others) can't see what the data is, only how much of it there is and which points it's traveling between. Therefore https connections improve your security and privacy online. It is for this reason that they are used to connect you to banking websites, most webmail providers, Facebook, Wikipedia, paypal and many, many other websites. To check if the connection is https, rather than only http, look to the left of the address in your browser. You should see a green padlock symbol.

To connect via https to the website you visit that website needs to have a verifiable, trusted certificate showing that the https connection is genuine and trustworthy. Traditionally, there are trusted companies that offer such certificates and website owners would have to pay these companies to get these certificates issued. VeriSign and Comodo are two examples. So, for example, if you have a website hosted with, say, GoDaddy or SiteGround or BlueHost or similar, that company would charge you money to organize a certificate for you via Comodo or Verisign or a similar certificate issuer.

In the wake of the Snowden revelations, people became much more aware that internet traffic was being recorded on a mass scale by the National Security Agency, GCHQ and other intelligence agencies. In some cases, this hit hard several popular services, most notably Yahoo, whose unencrypted traffic between its servers was easily hoovered up and analyzed. A campaign arose with the objective to make every connection https by default. Part of the difficulty was the prohibitive cost.

Let's Encrypt is a way of doing this for free. Using Let's Encrypt a website owner can organize for his/her website a certificate that allows https connections for free. That's because the code behind Let's Encrypt comes from an open-source community effort supported by the "good guys" of the internet, including the Electronic Frontier Foundation, Mozilla, and others. Some website hosting services now offer to enable Let's Encrypt on their customers' websites, SiteGround being a prominent example. This despite the fact that SiteGround used to charge people for the expensive option in years gone by. That's very good for online security.

If you own a website, contact your web host company and ask them to set up Let's Encrypt for you. It should be free and quick. Ask them to do it in such a way that only https connections are possible.

Let's Encrypt is an excellent and necessary development. It means there are no longer any excuses for website owners to provide insecure connections for their visitors.

A related project to maximize https across the internet is the excellent browser plugin from the Electronic Frontier Foundation, HTTPS Everywhere. If you have this on your browser, it will always attempt https connections if they are possible, which minimizes the chances that your internet traffic will be snooped on.


It's worth noting that there is evidence - also from the Snowden leaks - that 1024 bit prime numbers are of insufficient strength to resist NSA cracking attempts. VPNs and other services should use longer key sizes.

Cyber Nautilus
Jun 27, 2020

TL;DR dude!!!

This isn't a Wiki -- you're writing a review! The merit is in being concise, precise and brief.

Tiger Taurus
Feb 19, 2021

@cy6ernauti1us: I think the reviewer did a good job of concisely explaining an opaque subject in terms accessible to the layman.

Top Negative Comment
carlosvgonzalez
Dec 2, 2020
0

Let's encrypt, as today 2020/12/01 is not available as stand alone clear script that you can control and read, instead is a SNAP Package that want's full control of your Super User permissions, to make it worst it states:

snap "certbot" is not available on stable but is available to install on the following channels: edge snap install --edge certbot Please be mindful pre-release channels may include features not completely tested or implemented. Get more information with 'snap info certbot'.

and when you think it could not get any worse than this: This revision of snap "certbot" was published using classic confinement and thus may perform arbitrary system changes outside of the security sandbox that snaps are usually confined to, which may put your system at risk.

And about the no so transparent SNAP, forget about 32 bits support as this comes out: quote hereAn unexpected error occurred: OSError: cannot load library '/snap/certbot/356/usr/lib/x86_64-linux-gnu/libaugeas.so.0': /snap/certbot/356/usr/lib/x86_64-linux-gnu/libaugeas.so.0: cannot open shared object file: No such file or directory. Additionally, ctypes.util.find_library() did not manage to locate a library called '/snap/certbot/356/usr/lib/x86_64-linux-gnu/libaugeas.so.0'

Don't seem a very Open Source agenda...

[Edited by carlosvgonzalez, December 03]

Andrei O.
Mar 19, 2021
0

Was the first entity that started releasing free browser-supported SSL certificates for the web.

Let's Encrypt is essential for having a world where there will be no unsecured HTTP website anymore.

Vishal Hirawat
Sep 25, 2020
0

Free SSL Certificate Generator

Nicolas
Jul 17, 2020
0

Free and easy to use : thanks !

Dawid Ferenczy
Feb 8, 2018
0

Finally SSL certificates for free for everyone. HTTPS everywhere!

jakebrumby
Jan 30, 2018
2

Excellent for developers who need to issue lots of certificates, especially if they want automatic certificate issuing capability integrated into their website or app.

If there's one thing that could be improved upon, its to increase the limit of certificates per registered domain.Currently, that's 20 per week.

What is Let's Encrypt?

Anyone who has gone through the trouble of setting up a secure website knows what a hassle getting and maintaining a certificate can be. Let’s Encrypt automates away the pain and lets site operators turn on and manage HTTPS with simple commands.

No validation emails, no complicated configuration editing, no expired certificates breaking your website. And of course, because Let’s Encrypt provides certificates for free, no need to arrange payment.

Official Links

Let's Encrypt information

AlternativeTo Categories

Security & PrivacySystem & HardwareDevelopment

GitHub repository

  •  5,382 Stars
  •  614 Forks
  •  186 Open Issues
  •   Updated Apr 18, 2025 
View on GitHub

Our users have written 7 comments and reviews about Let's Encrypt, and it has gotten 123 likes

Let's Encrypt was added to AlternativeTo by chehab on Oct 21, 2015 and this page was last updated Apr 19, 2025.