Let’s Encrypt Passes 100 Million Certificates Issued, Will Offer Wildcard Certificates in January 2018

photo credit: Chris Anderson

Let’s Encrypt, the free and open certificate authority that launched in 2016, has issued more than 100 million certificates as of June 2017 and is currently securing 47 million domains. Earlier this year, the web passed a major milestone of getting more than 50% of traffic encrypted. Let’s Encrypt has been a major contributor to that percentage growing to nearly 58%.

“When Let’s Encrypt’s service first became available, less than 40% of page loads on the Web used HTTPS,” ISRG Executive Director Josh Aas said. “It took the Web 20 years to get to that point. In the 19 months since we launched, encrypted page loads have gone up by 18%, to nearly 58%. That’s an incredible rate of change for the Web.”

Aas also announced that wildcard certificates are coming to Let’s Encrypt in 2018. Wildcard certificates allow a site to secure an unlimited number of subdomains with the same certificate.

Currently, the process to get Let’s Encrypt working on a WordPress multisite installation is much more complicated than adding a certificate for a single domain. The WP Encrypt plugin claims multisite and multi-network compatibility but super admins have often run into failure on networks with higher numbers of sites. Wildcard support for Let’s Encrypt will provide a better way to secure multisite networks.

Let’s Encrypt will offer the wildcard certificates via the new ACME v2 API endpoint and will start by supporting base domain validation via DNS with the possibility of adding other validation options in the future. ACME is the protocol that Let’s Encrypt developed to allow subscribers to acquire and manage certificates. Those using the v1 endpoint are encouraged to move to v2 as soon as it’s available in January 2018. The v2 protocol was developed to be an IETF (Internet Engineering Task Force) standard so that ACME can work with more certificate authorities in the future.

11 Comments


  1. As an advocate of web security, I have to congratulate Let’s Encrypt on this wondrous accomplishment.

    Report


  2. The process of implementing LetsEncrypt is identical for both single and multisite.

    I think you are conflating that with automatic support for new subdomains, which would require a wildcard certificate or a convoluted process to auto-generate single certificates (not a good idea IMO). But the actual process in both cases is identical.

    Report


    1. True, but wildcard support is important, and the only thing preventing me from using their service in anything other than trivial ways.

      Report


      1. Wildcard support will sure make my configurations simpler on my web server. ☕

        Right now I either setup a separate config file for each vhost (not so bad) or keep adding alternate names to the current cert which is messy. I used to just *.domain the certificate when I paid for it.

        Report


  3. I have not tested the “WP Encrypt” plugin myself… but could be interesting. Especially in those hosts that “charge” for this free service.

    In my case, I ended using the CPanel add-on to actually have the certs for a few sites that are on my hosting account.

    I was surprised that they offered the service in a completely free and automated form. Despite the certs expiring every 90 days, it means nothing thanks to them autorenewing.

    Now, whenever I am looking to a new host, I always check if they support Let’s Encrypt. In my case, it has become a “must have” feature.

    Report


  4. Enabling cloudflare on your (one) domain (for free) also generates a wild card certificate. It also saves a lot of Bandwidth, in case one pays for the bandwidth.

    Report


    1. Yes and no. With the “flexible” option, the traffic from Cloudflare to your server is not encrypted. So users think the connection is via https, but it actually isn’t

      Report


  5. I have to say im a big fan of Let’s Encrypt – I wanted to see how it all worked so was keen to choose a new host which offers it built in and ended up with SiteGround

    The whole process for either the main domain, addon domains, or sub-domains is just a breeze!

    Report


  6. I came to know about Let’s Encrypt when I see some hosts offering free SSL with their hosting services.

    I signed up with two of them to see how does the free thing work. After I signed up, I came to know, both were giving Let’s Encrypt SSL.

    As I am a web developer, I usually buy an SSL certificate for my client. Since Let’s Encrypt is free, I am now offering this service for free to my clients, and they are very happy.

    I am excited about the Wildcard certificate. Can’t wait more to try my hands on a free Wildcard certificate.

    Report

Comments are closed.