Last updated on October 26th, 2020 at 10:23 am
Today, we are looking at letsencrypt vs paid SSL.
What is an SSL Certificate
A Secure Socket Layer (SSL) certificate is a security feature that encrypts communication between your computer and the website server when you access a website. Basically, it allows your computer to ‘speak’ with the server in a secure language that cannot be eavesdropped on by another person. This is very important and soon all websites will have to use SSL.
To start our letsencrypt vs paid SSL comparison, we have two types of SSL, Self signed SSL, and Verified SSL. Self Signed SSL is one created and issued by yourself from your computer and is not certified by a Certificate Authority (CA).
This one shows a yellow marking in place of the green padlock indicating to the visitor accessing the site that the certificate isn’t verified.
It’s not advisable to use a self-signed certificate for online websites. The other type, Verified SSL is issued by a Certificate Authority and displays a green padlock near the https tag in your browser. These are the certificates that should be used when deploying websites online.
What is a Certificate Authority
A Certificate Authority (CA) is an organization that verifies and issues an SSL certificate so that it’s installed on a domain name. There are several CAs available. One such organization is called Let’s Encrypt.
What sets this Let’s Encrypt apart from the rest is that, it issues Free SSL certificates, fully verified. Other CAs will sell SSL certificates at some price but Let’s Encrypt will provide the certificates free of charge.
The Let’s Encrypt certificate is provided free for life for any domain registered. The functionality of the certificates is the same as those provided by premium CAs.
How to get Let’s Encrypt.
As far as letsencrypt vs paid SSL is concerned, there are several ways through which Let’s Encrypt makes certificates available for anyone who wishes to use it. Here are ways to acquire it:
- Using your hosting control panel.
Let’s Encrypt CA has come to an understanding with many hosting control panels such as cPanel, Plesk, CentosWeb-Panel, etc to provide a free SSL plug-in for users to automatically install and renew SSL certificates.
- Using websites that provide SSL
Let’s Encrypt CA has an agreement with some websites to provide the certificate for free. One such website is https://sslforfree.com The issuance process is simple and straight forward for ease of acquiring the certificate.
- Using certbot
Certbot is a package available for RHEL/Centos and Ubuntu servers that allows you to automatically fetch, install, and renew SSL certificates provided by Let’s Encrypt. This package is best suited for users who use SSH access to a VPS or Dedicated Servers in KE instead of using control panels like cPanel.
Comparison between Let’s Encrypt and other paid SSLs
Below is a comparison table between Let’s Encrypt SSL and Other premium SSLs. This will go a long way to help you understand why you should use an SSL certificate and when you could opt for the premium options instead of Let’s Encrypt.
Letsencrypt vs paid ssl
| Let’s Encrypt SSL | Premium/paid SSL | |
| Price | Free for life | Cost ranges from a few dollars to thousands of dollars depending on the type of SSL |
| Duration before expiry | Can be issued for 4 months before it expires | Can be issued for 3 years before it expires |
| Set up ease | Very easy to set up | Ease of setup varies with EV certificates being most complex to setup |
| Funding of the CA | Donations/Sponsorships from individuals and organisations | These CAs fund themselves from money obtained through selling SSL certificates |
| Certificate type offered (DV |OV | EV) | Offers DV only hence serving as a solution only to some websites | Offers DV, OV and EV certificates hence providing SSL for any website |
| Warranty | Does not offer warranty in case of data breach | Offers warranties in case your secured site experiences a data breach |
| Site seal | No site seal provided | Site seal is provided |
In conclusion, Let’s Encrypt brings a solution to the market so that no website has a reason not to run securely under https. However, it does not cover all grounds as some organizations such as banks and e-commerce sites need EV certificates to really secure their clients’ transactions.
This is because EV certificates prove the identity of a site beyond a reasonable doubt by adding the organization’s name to the address bar.
That cannot be achieved using Let’s Encrypt.
But at least, if all goes south, the least to expect from any site, whether e-commerce, a blog, a mail server, or an online portal is that they should be secured by SSL because Let’s Encrypt provides SSL certificates free – for life.