Security Experts:

Connect with us

Hi, what are you looking for?


Network Security

Open CA Let’s Encrypt Comes Out of Beta

One month after announcing that it had issued over one million certificates since opening to the public in December last year, free and open Certificate Authority (CA) Let’s Encrypt has come out of beta.

One month after announcing that it had issued over one million certificates since opening to the public in December last year, free and open Certificate Authority (CA) Let’s Encrypt has come out of beta.

The Let’s Encrypt initiative was proposed by the Electronic Frontier Foundation (EFF) as an alternative to established CAs, in an attempt to encourage site owners as possible to secure their domains by providing them with free certificates. The CA issued its first digital certificate in mid-September 2015, entered private beta the next month, and was launched in public beta in December.

On Tuesday, Let’s Encrypt announced that it is leaving beta and that it has secured more sponsors, which should help it continue operations unhindered. The CA’s founding sponsors Cisco and Akamai renewed their sponsorships for 3 more years, while Gemalto, HP Enterprise, Fastly, Duda and are new sponsors of the initiative.

Previously, companies such as Mozilla, Cisco, Akamai, Automattic and IdenTrust, among others, also announced their support for the open CA, the same as Linux Foundation. The goal behind Let’s Encrypt is to encrypt all website traffic using Transport Layer Security (TLS), thus protecting user data from eavesdroppers.

The initiative issued its 1 millionth certificate three months after entering public beta and has already reached the 1.7 million certificates for roughly 3.8 million websites. Over the past several months, the CA has gained enough operational experience and confidence in its systems to move out of beta, Josh Aas, ISRG Executive Director, explains in a blog post.

Although its certificates have already been abused by cybercriminals for nefarious purposes, the initiative’s goal to “encrypt 100% of the Web” by offering free certificates has inspired others too, with Amazon already offering free certs as well. However, Let’s Encrypt might turn out to be more of a placebo effect than an actual security solution, F5 Networks’ David Holmes explains in a SecurityWeek column.

Earlier this week, WordPress announced that HTTPS is available for all blogs and domains hosted on, and that Let’s Encrypt made this security enhancement possible. For the past two years, the popular content management system has been supporting encryption for sites using subdomains.

Let’s Encrypt is not the only organization committed to bringing HTTPS to more areas of the web, to make the Internet a more secure place. Google too is promoting secure connections by favoring HTTPS pages over their unencrypted counterparts, and recently announced it is monitoring the use of HTTPS on the world’s top 100 sites.

Commenting on Let’s Encrypt’s new milestone, Todd Moore, Vice President of Encryption Product Management at Gemalto, said: “We’re very proud to be a Gold Sponsor for Let’s Encrypt which leverages our industry-leading hardware security modules to protect their certificate authority system. Encryption by default is critical to privacy and security, and by working with Let’s Encrypt Gemalto is helping to deliver trust for the digital services that billions of people use every day.”


Written By

Click to comment

Expert Insights

Related Content


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Cybersecurity Funding

Forward Networks, a company that provides network security and reliability solutions, has raised $50 million from several investors.

Network Security

Cisco patched a high-severity SQL injection vulnerability in Unified Communications Manager (CM) and Unified Communications Manager Session Management Edition (CM SME).

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...