Free webserver encryption? It is almost here, mid-2015.

Did you know what google gives a very slight ranking boost to websites that use SSL (https://...) encryption?

There are other more significant reasons for your website to offer secure connections to your website visitors, especially if your website conducts ecommerce or credit card transactions.

Nowadays, people everywhere have to purchase a SSL certificate if they want to offer secure/private connections to their website visitors. However, that might just be a thing of the past with https://letsencrypt.org/2014/11/18/announcing-lets-encrypt.html

As their website explains:

“ The challenge is server certificates. The anchor for any TLS-protected communication is a public-key certificate which demonstrates that the server you’re actually talking to is the server you intended to talk to. For many server operators, getting even a basic server certificate is just too much of a hassle. The application process can be confusing. It usually costs money. It’s tricky to install correctly. It’s a pain to update.

Let’s Encrypt is a new free certificate authority, built on a foundation of cooperation and openness, that lets everyone be up and running with basic server certificates for their domains through a simple one-click process.

Mozilla Corporation, Cisco Systems, Inc., Akamai Technologies, Electronic Frontier Foundation, IdenTrust, Inc., and researchers at the University of Michigan are working through the Internet Security Research Group (“ISRG”), a California public benefit corporation, to deliver this much-needed infrastructure in Q2 2015. The ISRG welcomes other organizations dedicated to the same ideal of ubiquitous, open Internet security.

The key principles behind Let’s Encrypt are:

  • Free:
    Anyone who owns a domain can get a certificate validated for that domain at zero cost.
  • Automatic:

    The entire enrollment process for certificates occurs painlessly during the server’s native installation or configuration process, while renewal occurs automatically in the background.

  • Secure:

    Let’s Encrypt will serve as a platform for implementing modern security techniques and best practices.

  • Transparent:

    All records of certificate issuance and revocation will be available to anyone who wishes to inspect them.

  • Open:

    The automated issuance and renewal protocol will be an open standard and as much of the software as possible will be open source.

  • Cooperative:

    Much like the underlying Internet protocols themselves, Let’s Encrypt is a joint effort to benefit the entire community, beyond the control of any one organization. “

We hope the above initiative will be successful, but until then we still offer the lowest-cost and also highest quality SSL certificates available:

http://4goodhosting.com/sslcertificates.html

So if you want to offer secure encrypted connections to you website, you can get started with a SSL today, and in about a year’s time the above free encryption standard should be available starting in mid-2015. For more information on the project please see: https://letsencrypt.org

You may also like: