Browse Definitions :
Definition

Let's Encrypt

Contributor(s): Matthew Haughn

Let's Encrypt is a free, open and automated certificate authority (CA) provided as a service by the Internet Security Research Group (ISRG).

Let's Encrypt is designed to simplify the acquisition of SSL/TLS digital certificates proving a site’s authenticity, while also providing encryption. Its automated processes will also help reduce page errors due to out of date certificates.

Using a protocol called Automated Certificate Management Environment (ACME), Let's Encrypt simplifies through automation. All of the processes involved in providing proof of control for a website such as obtaining, renewing and revoking certificates, are automated. With a simple click (or command methods), HTTPS security can be enabled for any site.

The basics of Let’s Encrypt:

  • Domain name owners can obtain trusted certificates for their sites free of charge.
  • Through the interaction with the CA, server software can obtain a certificate, securely configure it and automatically manage renewal.
  • Let’s Encrypt is designed to serve as a platform for promoting TLS (Transport Layer Security) best practices.
  • Information about all certificates issued or revoked will be made publicly available.
  • The ACME protocol will also be made publicly available as an open standard.

Let’s Encrypt is hosted by the Linux Foundation. Project sponsors include the Mozilla Foundation, IdenTrust, Akamai, Cisco, the Electronic Frontier Foundation (EFF) and Automattic. The project is part of a long-term goal to encrypt the entirety of the web.

See a presentation on Let's Encrypt by the EFF:

This was last updated in June 2015

Continue Reading About Let's Encrypt

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCompliance

  • compliance audit

    A compliance audit is a comprehensive review of an organization's adherence to regulatory guidelines.

  • regulatory compliance

    Regulatory compliance is an organization's adherence to laws, regulations, guidelines and specifications relevant to its business...

  • Whistleblower Protection Act

    The Whistleblower Protection Act of 1989 is a law that protects federal government employees in the United States from ...

SearchSecurity

  • reverse brute-force attack

    A reverse brute-force attack is a type of brute-force attack in which an attacker uses a common password against multiple ...

  • orphan account

    An orphan account, also referred to as an orphaned account, is a user account that can provide access to corporate systems, ...

  • voice squatting (skill squatting)

    Voice squatting is an attack vector for voice user interfaces (VUIs) that exploits homonyms (words that sound the same but are ...

SearchHealthIT

SearchDisasterRecovery

  • business continuity policy

    Business continuity policy is the set of standards and guidelines an organization enforces to ensure resilience and proper risk ...

  • business continuity and disaster recovery (BCDR)

    Business continuity and disaster recovery (BCDR) are closely related practices that describe an organization's preparation for ...

  • warm site

    A warm site is a type of facility an organization uses to recover its technology infrastructure when its primary data center goes...

SearchStorage

  • primary storage (main storage)

    Primary storage is the collective methods and technologies used to capture and retain digital information that is in active use ...

  • RAM (Random Access Memory)

    RAM (Random Access Memory) is the hardware in a computing device where the operating system (OS), application programs and data ...

  • cache memory

    Cache memory, also called CPU memory, is high-speed static random access memory (SRAM) that a computer microprocessor can access ...

Close