It’s official, as of April 12, 2016, Let’s Encrypt is now out of beta! They first launched back in September 2015 and have now deployed certificates on millions of websites. They set out to help make the “HTTPS Everywhere” goal a reality, and they are making good dent towards accomplishing that. We here at KeyCDN love Let’s Encrypt and fully support them in their work to help make the web a safer place by providing free SSL certificates for everyone.
We set out to encrypt 100% of the Web. We’re excited to be off to a strong start, and with so much support across the industry. — Let’s Encrypt
Back in 2012, Josh Aas and Eric Rescorla, two Mozilla employees; felt the need to increase the rate of SSL/TLS deployment and decided to create a new free certificate authority (CA). This eventually turned into the organization Let’s Encrypt. It is built on a foundation of cooperation and openness, that lets everyone be up and running with basic server certificates for their domains through a simple one-click process.
KeyCDN was one of the first CDN providers to launch it’s Let’s Encrypt integration back in December 2015. And since then a lot of other CDN and web host providers have also hopped on board, such as Cyon, CloudWays, SiteGround and many others. See full list of web host providers that support Let’s Encrypt. This is great news for everyone as it means HTTPS is now just a click way for a lot of you. In fact WordPress just announced as of April 8th, that Let’s Encrypt is now available for all custom domains hosted on WordPress.com and they actually don’t even allow HTTP sites anymore.
We are closing the door to un-encrypted web traffic (HTTP) at every opportunity. — WordPress.com Team
If you haven’t yet moved to HTTPS we highly recommend taking a few moments to check out our HTTP to HTTPS migration guide as there are some very important SEO steps you don’t want to miss. Here are a couple benefits of moving to HTTPS:
- Performance and HTTP/2 (outperforming un-encrypted HTTP/1.1 in some cases)
- SEO as HTTPS is a ranking factor
- More referral data in Google Analytics
- Everything is encrypted and secured (no plain text)
- SSL builds trust and credibility
Let’s Encrypt Stats
Since September 2015 Let’s Encrypt has issued more than 1.9 million certificates for more than 3.8 million websites. As well as:
- Over 1 million registrations with a contact
- Over 239,000 anonymous registrations
- Over 14,000 revoked certificates
And within the last 24 hours:
- HTTP: Over 829,000 invalid challenges, and 131,000 valid
- TLS/SNI: Over 76,000 invalid challenges, and 8,000 valid
- DNS: Over 2,800 invalid challenges, and 900 valid
And there are over 174,000 certificates have under 96h for OCSP aging. OCSP, or Online Certificate Status Protocol, is one way to obtain the revocation status of an SSL certificate.
There are currently over 1.5 million SSL certificates that are unexpired.
And if we take a look at the SSL certificates issued by TLD we can see that .com is by far one of the highest with other and .fr, .de coming in next. Let’s Encrypt seems to have been adopted quite rapidly by European TLDs.
Sites Using HTTPS
Google just recently added a new section to their transparency report that focuses on the use of encryption around the web through Google. There are some pretty cool statistics! As you can see requests to Google’s servers using an encrypted connection are now over 75%.
And this chart represents the top 10 countries by percent of traffic that Google receives. Interestingly enough Mexico is the highest at 87%.
Scott Helme, the creator of securityheaders.io also did some research and found that the use of HTTPS in the top 1 million most visited sites on the web grew over 42% in the last 6 months alone. That’s amazing growth.
If you haven’t yet taken advantage of our Let’s Encrypt integration, now is the time! Let’s Encrypt eliminates both the cost and complexity of deployment. You can enable it within minutes from the KeyCDN dashboard. The certificates expire every 90 days but KeyCDN renews them automatically for you so there is nothing you have to worry about.