Newsletter
Web development tips, marketing strategies and A2 Hosting news sent to your inbox.
Nuestra base de conocimientos sólo está disponible actualmente en inglés. Estamos en el proceso de traducir estas páginas y las publicaremos cuando estén disponibles.
Knowledge Base
Differences between Let's Encrypt certificates and traditional CA-issued certificates
This article discusses the differences between SSL certificates provided by Let's Encrypt and those provided by traditional CA (certificate authority) providers.
The Let's Encrypt initiative makes creating and installing SSL certificates a simple task. They are also free, so you may ask yourself, “why would I ever pay for an SSL certificate from another provider?”
Although Let's Encrypt SSL certificates provide basic SSL encryption, they lack many of the benefits of certificates issued by established CA (certificate authority) SSL providers, including:
- Extended validity: Let's Encrypt certificates are only valid for 90 days and must be renewed frequently. By contrast, most traditional SSL certificates are valid for at least one year, with the option of longer validity periods (for example, three years).
- Warranty: Let's Encrypt certificates do not include a warranty, whereas traditional SSL certificates usually do.
- To view the full Let's Encrypt Subscriber Agreement, please visit https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf.
- For an example of a warranty from GlobalSign, please visit https://www.globalsign.com/en/repository/globalsign-warranty-policy.pdf.
- Support: Let's Encrypt does not have staff available to assist with creating or installing SSL certificates. This can be an issue for professionals and business owners who must quickly get a site configured and working. For example, GlobalSign has a network of trained personnel who provide support through online ticketing, chat, and telephone.
- Customer vetting: Let's Encrypt uses basic domain-based vetting (the ACME protocol) to issue SSL certificates. Traditional CA providers use additional vetting procedures to help verify that customers actually are who they claim to be.
SSL certificate options: Let's Encrypt only offers domain-validated certificates (DV). If you need the extra security of an extended validation certificate (EV) for your site, you must purchase one from a traditional CA provider. Additionally, Let's Encrypt does not offer wildcard or multi-domain certificates.
To view SSL certificate options at A2 Hosting, please visit https://www.a2hosting.com/ssl-certificates.
Related Articles
We use cookies to personalize the website for you and to analyze the use of our website. You consent to this by clicking on "I consent" or by continuing your use of this website. Further information about cookies can be found in our Privacy Policy.