Thursday, May 4, 2017

Free SSL Certificates

We've enabled free, Let's Encrypt-based SSL certificates in the Control Panel.

Introduced in 2016, Let's Encrypt represents a free open certificate authority (CA), which provides website owners with digital certificates for enabling HTTPS (SSL/TLS).
It was launched by the Internet Security Research Group (ISRG), a public-benefit organization sponsored by the Mozilla Foundation, the Electronic Frontier Foundation (EFF) and Cisco Systems, with the aim of making HTTPS encryption both affordable and user-friendly.
Their main goal is to create a more secure, privacy-driven web.
Let's Encrypt certificates are:
  • free to use: each domain name owner can obtain a trusted certificate at absolutely no cost;
  • automatic: the certificate setup and renewal procedures are fully automated; no human intervention is needed;
  • simple to use: there are neither payments to make, nor validation emails to respond to;
  • secure: Let's Encrypt serves as a platform for implementing the latest security practices;
  • fully transparent: all issued certificates are publicly available for anyone to view;
  • open: the issuance and renewal protocol is published as an open standard that can be adopted;
  • 'self-regulated': Let's Encrypt is a joint community effort, beyond the control of any organization;

What are the differences between regular and Let's Encrypt SSLs?

Let's Encrypt offers you a free and automated way of obtaining SSL certificates for your sites, so you may ask yourself: "Why would I ever go with a regular SSL certificate?".
Just like regular SSL certificates, Let's Encrypt certificates offer basic SSL encryption, i.e. they give site visitors assurance that they are exchanging information with the domain that is visible in the address bar and that their personal data (login details, credit card information, etc.) cannot be eavesdropped.
Also, Let's Encrypt certificates are trusted by all major browsers.
If a site is using a Let's Encrypt SSL, you will see "https://" at the beginning of the URL in your browser's address bar, along with a green padlock.
So, what Let's Encrypt certificates offer is secure communication most site visitors will feel comfortable with.
However, as a business entity you may also need a certain security guarantee against online abuses and this is where commercial SSLs kick in.
Read further below to learn more about the differences between a Let's Encrypt certificate and a regular SSL:
  • Warranty: Let's Encrypt certificates do not include a warranty against misuse or mis-issuance, whereas regular SSLs do. While this may not be a problem for smaller websites, for larger organizations most probably will.
  • Wildcard Certificates: Let's Encrypt does not offer wildcard or multi-domain certificates, whereas traditional CAs usually do.
  • Validity Period: Let's Encrypt certificates are only valid for 90 days and must be renewed before they expire. Most regular SSL certificates are valid for at least one year. HTTPS site owners can also choose a longer validity period (3, 5, etc. years). On our platform, Let's Encrypt certificates are renewed automatically, so you won't have to worry about that.
  • Support: Let's Encrypt does not offer assistance with creating or installing SSL certificates. Only community help is available.This can be an issue for organizations that need to quickly equip their business sites with an SSL. However, this could be easily curbed with a quick re-generation and re-installation of the problematic Let's Encrypt SSL.

A Let's Encrypt certificate or a commercial SSL – the final verdict

Both Let's Encrypt and commercial SSLs will do the encryption job that is expected of them in order to protect your sites against interception and eavesdropping.
So, your choice will solely be determined by the type of site you manage, which in fact defines your security requirements.
If you own a non-commercial site, a blog or a photo gallery, or just need a quickly configurable, simple and free SSL certificate that you can obtain with minimum effort, then Let's Encrypt is the way to go.
If you run an e-store or an enterprise site, then you will need to invest in a paid, warranty-equipped SSL certificate issued by an established CA.
Due to Google's recently voiced intent to give HTTPS sites higher search rankings and the subsequent rise of authorized SSL resellers, the prices for commercial SSLs have been going down steadily.
Today, every e-commerce website owner can obtain an affordable commercial SSL certificate from a reputable authority.
We've already lowered the prices for both regular and wildcard certificates and are doing our best to make sure you get the best security insurance on the web.

For more information visit our site at http://sbnai.com or http://sbnai.net