Let’s Encrypt Announces Free Wildcard Certificates
Let’s Encrypt has announced its decision to start issuing free wildcard certificates starting January 2018.
Let’s Encrypt is a free, automated, open certificate authority launched by the non-profit Internet Security Research Group (ISRG). It began operation in December 2015. Currently, the company secures 47 million domains using its fully automated certificate issuance and management API.
In a blog post titled “Wildcard Certificates Coming January 2018,” ISRG Executive Director Josh Aas writes that “Let’s Encrypt will begin issuing wildcard certificates in January of 2018. Wildcard certificates are a commonly requested feature and we understand that there are some use cases where they make HTTPS deployment easier. Our hope is that offering wildcards will help to accelerate the Web’s progress towards 100% HTTPS.”
What are Wildcard Certificates?
Wildcard certificates work the same way as regular SSL certificates—securing connections between websites and browsers. But wildcard certificates differ in that they cover the main domain and subdomains with a single certificate. In contrast, a separate SSL certificate is required for every domain and subdomain. A single wildcard certificate suffices to ensure HTTPS encryption for all subdomains of a main domain.
Aas continues: “Wildcard certificates will be offered free of charge via our upcoming ACME v2 API endpoint. We will initially only support base domain validation via DNS for wildcard certificates but may explore additional validation options over time. We encourage people to ask any questions they might have about wildcard certificate support on our community forums.” He adds: “We decided to announce this exciting development during our summer fundraising campaign because we are a nonprofit that exists thanks to the generous support of the community that uses our services.”
Since it was launched in December 2015, Let’s Encrypt “has contributed heavily to the Web going from 40% to 58% encrypted page loads.” SSL certificates have become highly important, not only to secure data, but to improve standing in search engine’s ranking algorithms. Given this, Let’s Encrypt’s decision to issue free wildcard certificates is a huge development in the wider SSL certificate world.
Kevin Jones951 Posts
Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others.