Signed TLS/SSL to be Free by Summer 2015

The big players in the tech world have been pushing hard for an encrypted web. EFF, Mozilla, Cisco and a few other tech titans are now working together to bring free signed TLS/SSL certificates to the ports of web servers everywhere. These certificates will be issued by Let’s Encrypt.

Free SSL certificates have always been available to webmasters. Some cPanel installations feature free SSL certificate generators, Webmin has an SSL generator and there are many free SSL certificate generators to be found online.

Most of these free certs are unsigned. They are issued by non authenticated (read ‘unrecognised’) certificate authorities. This means most free SSL certificates cause web browsers to warn about untrusted connections.

Cloudflare already offers free SSL to its users and has been doing so since the end of September 2014. Known as Universal SSL, use of Cloudflare’s free SSL is only feasable when the originating website’s server uses SSL.

Some free SSL certs are recognised and trusted by browsers. StartSSL issues recognised SSL certificates for free. These certs are recommended by Cloudflare to webmasters who want to use Universal SSL yet do not want to pay for their SSL certificate. These certificates are not intended for ecommerce.

Jump forward to Summer 2015

Soon TLS/SSL certificates that are recognised, signed and suited to ecommerce will be issued by letsencyrpt.org. These will be available to all webmasters who apply for them.

Why SSL everywhere?

To deter unwarranted snooping
To prevent identity theft
To make the web more secure
To make the secure web affordable
To increase visitor trust

Drop other reasons you can think of into the comments.

Jump forward to Summer 2015

Why SSL everywhere?

Further reading