RSS Parrot

A Post-Quantum Future for Let's Encrypt

https://letsencrypt.org/2026/06/03/pq-certs.html

Published: June 3, 2026 00:00

Let’s Encrypt is committed to a post-quantum-safe Web PKI. The path we’re planning to take is Merkle Tree Certificates (“MTCs”), a new approach that adds post-quantum authentication to the web without sacrificing the speed and reliability that have made…

The difficulty of making sure your website is broken

https://letsencrypt.org/2026/04/10/test-sites.html

Published: April 10, 2026 00:00

Have you ever needed to make sure your website has a broken certificate? While many tools exist to help run an HTTPS server with valid certificates, there aren’t tools to make sure your certificate is revoked or expired. This is not a problem most people…

Simplifying Certificate Renewals for Millions of Domains with ACME Renewal Information (ARI)

https://letsencrypt.org/2026/03/17/acme-renewal-information-ari.html

Published: March 17, 2026 00:00

Nick Silverman is a Senior Infrastructure Engineer on the Edge Infrastructure team at Shopify, where he maintains the systems that provision, renew, and publish SSL certificates for millions of merchants’ custom domains. He is also a contributor to the…

Six-Day and IP Address Certificates Available in Certbot

https://letsencrypt.org/2026/03/11/shorter-certs-certbot.html

Published: March 11, 2026 00:00

As we announced earlier this year, Let’s Encrypt now issues IP address and six-day certificates to the general public. The Certbot team at the Electronic Frontier Foundation has been working on two improvements to support these features: the…

Shorter Certificate Lifetimes and Rate Limits

https://letsencrypt.org/2026/02/24/rate-limits-45-day-certs.html

Published: February 24, 2026 00:00

As previously announced, over the next two years we will be switching the default certificate lifetime from 90 days to 64 days, and then 45 days. This will ultimately double the number of certificate renewal requests each day: today we expect renewal…

DNS-PERSIST-01: A New Model for DNS-based Challenge Validation

https://letsencrypt.org/2026/02/18/dns-persist-01.html

Published: February 18, 2026 00:00

When you request a certificate from Let’s Encrypt, our servers validate that you control the hostnames in that certificate using ACME challenges. For subscribers who need wildcard certificates or who prefer not to expose infrastructure to the public…

On the Importance of "Hello" and "Thanks"

https://letsencrypt.org/2026/02/05/fosdem2026.html

Published: February 5, 2026 00:00

In a recent conversation with a Let’s Encrypt subscriber, we asked them to guess how many people work at ISRG, the nonprofit behind Let’s Encrypt (and Prossimo and Divvi Up). Their guess was about 100; they’d overestimated by 72.5 people. We’re a pretty…

6-day and IP Address Certificates are Generally Available

https://letsencrypt.org/2026/01/15/6day-and-ip-general-availability.html

Published: January 15, 2026 00:00

Short-lived and IP address certificates are now generally available from Let’s Encrypt. These certificates are valid for 160 hours, just over six days. In order to get a short-lived certificate subscribers simply need to select the ‘shortlived’ certificate…

A Note from our Executive Director

https://letsencrypt.org/2025/12/29/eoy-letter-2025.html

Published: December 29, 2025 00:00

This letter was originally published in our 2025 Annual Report. This year was the 10th anniversary of Let’s Encrypt. We’ve come a long way! Today we’re serving more than 700 million websites, issuing ten million certificates on some days. Most importantly,…

10 Years of Let's Encrypt Certificates

https://letsencrypt.org/2025/12/09/10-years.html

Published: December 9, 2025 00:00

On September 14, 2015, our first publicly-trusted certificate went live. We were proud that we had issued a certificate that a significant majority of clients could accept, and had done it using automated software. Of course, in retrospect this was just…