First Web Certificate from Let’s Encrypt
Today is the day when the Web became more secure, on this day Let’s Encrypt issued the first very own certificate.
Let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit. Let’s Encrypt is a service provided by the Internet Security Research Group (ISRG). The main ideology behind is: free, automatic, secure, transparent, open, and cooperative web.
The goal is to revolutionize encryption on websites, making HTTPS implementation a seamless, no-cost option for anyone with a domain. Forget about hours (or sometimes days) of muddling through complicated programming to set up encryption on a website, or yearly fees.
Let’s Encrypt puts security in the hands of website owners.
You can check the first certificate in action at http://helloworld.letsencrypt.org/. Let’s Encrypt hasn’t yet been added as a trusted authority to the major browsers (that will be happening soon), so for now, you’ll need to add the ISRG root certificate yourself. Specifics will depend on your browser. In Firefox, just click the link.
According to an official announcement, cross-signature is not yet active, but the certificate is “fully functional for clients with the ISRG root in their trust store“. Hopefully in a month Let’s Encrypt will be cross-signed, meaning that certificates will work just about anywhere.