Let’s Encrypt vs. Other Certificate Authorities (CAs)

Wednesday, February 17, 2016

let's encrypt logoWith the entrance of ‘Let’s Encrypt’ – a free, automated and open service that allows you to create SSL/TLS certificates without any email validation needed – you’d be thinking why go for a paid SSL solution?

As enticing as Let’s Encrypt may be, there is some shortfall with the service that doesn’t quite match up to paid SSLs.

1. Let’s Encrypt SSL Certificates are Domain Validated (DV), not Organisation Validated (OV) or Extended Validated (EV)

If you are currently paying for a DV SSL certificate, you may wish to consider Let’s Encrypt for the same product at no cost.

However, DV certificate is not suitable for all businesses in particular, mid-sized to big establishments such as banks, insurance companies, e-commerce business, travel agencies where a high integrity is expected of websites. In such cases, an OV and EV certificate can set you apart from the saturated market of low assurance websites encrypted with DV certificates. If you’re looking at the green bar of assurance, for a higher level of trust, you’ll definitely need to pay for an extra amount for the work needed to validate your company.

2. No Technical Support in the Activation Process

Let’s Encrypt requires you to be familiar with your server’s command prompt and you’ll need to have some programming knowledge to get through the process. If you don’t, you may get stuck midway and there will be no technical support to fall back on. This is unlike paid SSL solutions, where part of their service as a CA is to provide technical support. DigiCert is one CA that provides 24/7 tier-3 level support via live chat, email and phone.

3. No Special Features such as Duplication of Certificate, Unlimited Server License

If you have multiple servers with the same Fully Qualified Domain Name (FQDN), you’ll need to repeat the command prompt for each server in order to generate a certificate. And every server works differently, so more time is needed on your end to fulfill your own requirements. With CAs, you’ll get features such as duplication and unlimited server license that allows you to multiple the purchased certificate as many times as you want.

4. Client Account? Nope.

If you have several certificates for different servers, you need to keep track of what certificate has been used. With a client account provided by CAs, however, all your certificates purchased will be summarized in one account for easy reference.

5. Still in Beta Phrase

Let’s Encrypt is still in beta stage and most of its technology and compatibility have yet to be fully tested and verified. By going for CAs that has been in the industry for years, you can be sure that the certificate will work with your expectations.

Who is Let’s Encrypt Suitable For?

  • People looking to validate domain at absolutely no cost
  • People who are familiar with their server’s command prompt
  • People who have the time to activate Let’s Encrypt certificate for all server types
  • People who are willing to take the risk!

About Us

Cyber Secure Asia is a partner of DigiCert in South East Asia, providing SSL certificate, Code Signing, Document Signing and SecureWifi certificate solutions.

Email: info@cybersecureasia.com
Telephone: +(65) 6248 0858

Share :    


Back to Blog