Let's Encrypt Certificate Authority

Let's Encrypt is a free, automated, and open certificate authority operated by the Internet Security Research Group (ISRG), a California-based public benefit corporation. Since launching in 2015, the service has issued billions of free TLS and SSL certificates, now securing over 700 million websites worldwide and playing a pivotal role in making HTTPS the default across the web. The service is entirely free with no paid tiers, funded through corporate sponsorships and individual donations. Diamond sponsors include Google Chrome, Amazon Web Services, the Open Technology Fund, and Microsoft, while Platinum sponsors include Mozilla, the Electronic Frontier Foundation, and OVHcloud. Let's Encrypt pioneered the ACME (Automatic Certificate Management Environment) protocol (RFC 8555), which enables automated certificate issuance and renewal without manual intervention, eliminating the operational burden of certificate management. Certificates are valid for 90 days, encouraging automation and reducing the impact of key compromise. ISRG also operates Prossimo, an initiative to bring memory-safe code to critical Internet security infrastructure using Rust, and Divvi Up, a privacy-preserving metrics collection system. Looking toward the future, the organization is researching post-quantum cryptography through Merkle Tree Certificates as a potential supplement to traditional PKI. The service supports domain-validated certificates through HTTP-01, DNS-01, and TLS-ALPN challenge types, with rate limits designed to accommodate both small and large-scale certificate issuance.