Jump to content
  • Let’s Encrypt issued over 3 billion certificates, securing 309M sites for free

    alf9872000

    • 401 views
    • 2 minutes
     Share


    • 401 views
    • 2 minutes

    Internet Security Research Group (ISRG), the nonprofit behind Let's Encrypt, says the open certificate authority (CA) has issued its three billionth certificate this year.

     

    Let's Encrypt has been providing websites with the X.509 digital certificates needed to enable HTTPS (SSL/TLS) and encrypted communications for free since September 2015, when it issued the first certificate for the helloworld.letsencrypt.org domain.

     

    Starting with August 2018, Let's Encrypt has been directly trusted by all major browsers and operating systems and all major root certificate programs (including those from Microsoft, Google, Apple, Mozilla, Oracle, and Blackberry).

     

    The free and automated CA allows any domain owner to obtain a trusted certificate at zero cost. Right now, the CA says it issues millions of them daily.

     

    As ISRG revealed today, this has allowed it to reach a new record this year, as it is now providing services to over 300 million websites.

     

    "As of November 1, 2022, Let's Encrypt provides TLS to over 309 million domains via 239 million active certificates. Let's Encrypt usage grew by more than 33 million domains in 2022," ISRG said today in its 2022 annual report.

     

    Let's%20Encrypt%20growth.png

    Let's Encrypt growth statistics (Let's Encrypt)

     

    To get an idea of the scale the CA operates and what pushed its development team to further automate certificate issuing and renewal, in early March 2020, it had to revoke over 3 million certificates due to a bug in its domain validation and issuance software.

     

    That number amounted to roughly 2.6% of the approximately 116 million active certificates it provided to websites worldwide.

     

    Almost two years later, in January 2022, Let's Encrypt announced it would revoke millions of active SSL/TLS certificates, affecting an estimated 1% of all active Let's Encrypt certificates.

     

    "Since then, we’ve developed a specification for automating certificate renewal signals so that our subscribers can handle revocation/renewal events as easily as they can get certificates in the first place (it just happens automatically in the background!)," said Josh Aas, ISRG's Executive Director.

     

    "That specification is making its way through the IETF standards process so that the whole ecosystem can benefit, and we plan to deploy it in production at Let’s Encrypt shortly."

     

    Today's record announcement comes after Let's Encrypt revealed in February 2020 that it had issued 1 billion certificates, less than three years after it announced the 100 million milestone.

     


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...