Let’s Encrypt Certificates
The main goal of the project is to provide easy to use SSL / TLS certificates. As a large part of the Internet traffic still takes place via unencrypted HTTP protocol at the time of the project creation, this exposes the user to eavesdropping or injecting advertisements or tracking cookies. In order to prevent this, it is necessary to use HTTPS protocol, which uses TLS certificates signed by the certification authority to encrypt the transmission.
The project provides users with free X.509 Transport Layer Security (TLS) encryption certificates as part of an automated process designed to eliminate the drawbacks of manually creating, validating, signing and installing certificates for secure websites.wikipedia.org
The disadvantages that the project tries to solve are the costs and difficulties related to obtaining and implementing the certificate. Let’s Encrypt offers free certificates and a set of tools for managing them and automatic integration with HTTP servers. The project is an initiative of the Internet Security Research Group, supported by companies and organizations such as Akamai, CISCO, Mozilla.
SSL for all hosting accounts
Every hosting package, VPS and dedicated server, comes with a Let’s Encrypt certificate.
All our hosting accounts have HTTPS support and Let’s Encrypt certificates enabled. By default, certificates are issued for 3 months and automatically extended for another period. All this happens in the background without your participation. We ensure continuity of Let’s Encrypt certificates without any additional charges.
These certificates are a very good solution for private individuals, starting bloggers or small online shops.
We give people the digital certificates they need in order to enable HTTPS (SSL/TLS) for websites, for free, in the most user-friendly way we can. We do this because we want to create a more secure and privacy-respecting Web.letsencrypt.org
- Mozilla Firefox >= v2.0
- Google Chrome
- Internet Explorer on Windows XP SP3 or later
- Microsoft Edge
- Android OS >= v2.3.6
- Safari >= v4.0 on macOS
- Safari on iOS >= v3.1
- Debian Linux >= v6
- Ubuntu Linux >= v12.04
- NSS Library >= v3.11.9
- Amazon FireOS (Silk Browser)
- Cyanogen > v10
- Jolla Sailfish OS > v18.104.22.168
- Kindle > v3.4.1
- Java 7 >= 7u111
- Java 8 >= 8u101
Limits and restrictions
The certificate renewal process is performed every 12 hours and certificates which expire within 90 days are extended.
- Certificates per Registered Domain – you can generate certificates for up to 20 domains within 7 days.
- Names per Certificate – one certificate for a given domain can contain up to 100 subdomains in itself.
- Duplicate Certificate – You can request up to 5 identical certificates per week. Identical certificates are understood here as: having the same set of hostnames (excluding the letter size and order of hostnames). Certificate renewal falls into the duplication assumptions, but omits the above limitations.
- Failed Validation – it allows for 5 erroneous validations per account per hour.
- Overall Requests – Let’s encrypt limits “new-reg”, “new-authz” and “new-cert” requests generally to 20 queries per second. In addition, queries to the “/directory” and “/acme” directories and their subdirectories are limited to 40 queries per second.
- Accounts per IP Address – within 3 hours Let’s encrypt allows you to create up to 500 accounts associated with a single IP address.
- Pending Authorizations – you can have up to 300 pending authorizations for certificates in your account.
In addition, remember to do so:
- the domain subject to certification was fully resolvable by DNS servers and directed to a specific IP address
- access to the root directory of the domain is not blocked, or that access to “/.well-known/” is allowed.
- rules for mod-rewrite did not interfere with the path http:///.well-known/ and/or https:///.well-known/
See the Let’s Encrypt documentation pages for more information about restrictions.
Newest blog articlesSee all blog posts
- Read more
Too much website traffic can be as disastrous as no traffic at all. A traffic disaster results in server overload. In such a situation, no one is able to use e.g. your online store’s offer, and you do not earn. Learn how to optimally prepare your website for increased traffic.
- Read more
Do you have a bank account? Use the internet with your smartphone? Congratulations! Then you are on the brighter side of the power, where digital exclusion does not reach. But can you take care of the security of your data as effectively as you invite your friend for a beer via instant messenger?
- Read more
SPAM is any message that is unsolicited. By design, such messages do not reach the recipient. They can be blocked at several stages, between sending and delivery. However, the email system does not work perfectly. Some valuable mail ends up in SPAM, while unwanted offers arrive in the inbox. Can something be done about this?