Let’s Encrypt’s Free HTTPS Certificates Take a Leap Forward

Non-profit company, Let’s Encrypt, has announced that its free HTTPS certificates are now trusted by all major browsers, making a significant step forward to helping with total HTTPS encryption on all websites on the internet who wouldn’t have to pay for an added layer of protection via encryption.

According to Let’s Encrypt’s own blog, an announcement has confirmed that the non-profit company’s free security certificates have now been deemed ‘trusted’ by all major browsers, helping the company’s goal to usher in an age of free HTTPS-based encryption to all websites on the internet.

The company is sponsored by the likes of Mozilla, the Electronic Frontier Foundation (EFF), Cisco Systems, Akamai and other major companies and corporations. Let’s Encrypt is deemed an open certificate authority by the Internet Security Research Group (ISRG). The goal of the non-profit is to offer free HTTPS certificates to anyone owning a domain name along with open source tools that helps automate the process of applying the certificates.

Additionally, the tools provided will also aid domain owners and website administrators to receive credentials and configure the website with the protection of the HTTPs certificates.

The two intermediate certificates, Let’s Encrypt Authority X1 and Let’s Encrypt Authority X2 received cross-signatures and any applying web server swill need to be configured to appropriately have the signatures as a part of the trust chain. The company notes that the clients and tools will do this particular task automatically.

Related article: Reddit Is Switching to Total HTTPS Encryption

The Need for HTTPS

HTTPS helps secure websites in two ways, fundamentally:

  • It helps encrypts communications that relay back and forth between the end-user on the website and the server providing the content. This encrypted channel of communication will be safeguarded from anyone trying to snoop in to have a look at the user’s activities.
  • HTTPS also ensures that the server from where the content is displayed belongs to the same entity that owns or controls the domain to avoid duplicate or faux websites.

The blog announcement from Let’s Encrypt reads:

“Vital personal and business information is flowing over the Internet more frequently than ever, and it’s time to encrypt all of it.”