Let's Encrypt vs paid SSL

From Hostek.com Wiki
Jump to: navigation, search


NOTE: Any site that handles credit card information should consider using a paid certificate. Additional transactions on a yearly basis from users trusting your site with their payment information can out-weight the yearly cost of a certificate.


What is Let's Encrypt?

Let's Encrypt is a new way to secure your site with SSL (HTTPS). Unlike traditional SSL certificates, Let's Encrypt is free and allows automatic installation. However, there are times when a purchased Certificate is appropriate. Refer to the When to use a purchased certificate section.


When to use a purchased certificate

Although Let's Encrypt offers the same HTTPS encryption as a standard SSL certificate. The paid certificates help to provide more trust for your end-users. For example, many paid certificates offer some amount of insurance that protects the end-user of your website, and some certificates offer a clickable site-seal. The more expensive "Green Bar"(EV) certificates also verify your business identity so that end-users see your business name when connected to the site.


When to use Let's Encrypt

Any website that does not currently have an SSL certificate installed should consider enabling HTTPS using Let's Encrypt. Especially any websites use login forms, such as websites running a CMS like WordPress or Mura. Also, all browsers that currently support version 2 of the HTTP protocol(HTTP/2) require a secure connection(HTTPS) to use HTTP/2.


Can Lets Encrypt Be used before DNS is pointed to server?

No. Part of the Let's Encrypt process is to verify that the site is pointed to the server making the Let's Encrypt process request.


Will the Let's Encrypt SSL Auto Renew

Yes. If the site is still pointed to the server that the Let's Encrypt process originated from.