Security 2018

As I’ve said before, Let’s Encrypt Is Keeping Me Secure. They’re the only trusted free SSL certificate provider left, but business is better than ever.

Earlier this year, Let’s Encrypt issued their 100,000,000th certificate, which is not only a huge step forward for their platform, but a huge step forward for the secure and open internet.

However, Let’s Encrypt was not the first group to offer free SSL certificates. StartSSL offered free low-level domain and email certificates completely free for years, until the “major browsers” (Safari, Firefox, Chrome) stopped trusting them due to a failure to disclose acquisition by a Chinese certificate authority called WoTrus (formerly WoSign).

You can read more about that here, here, and here.

As a result, StartCom recently announced that they will be shutting down as a certificate authority (per this documentation). All major trust banks had made it clear that they did not plan on re-trusting StartSSL (or WoSign), and business was falling apart.

With that aside, let’s focus on our clear frontrunner. Let’s Encrypt recently announced that beginning in January 2018, they will be supporting and issuing wildcard certificates (source). Long story short, this means that instead of having to issue a certificate for each of your subdomains, you can issue them for each sub-level (meaning only one certificate every three months).

At the end of the day, nothing is changing for the average consumer (er, viewer). But for those of us in the system administration business (or even customer support, if you work for a software company), this is a big deal. So, I encourage you to pay attention to the changes that will be unfolding in the coming months.