HTTPS (SSL/TLS) and Let's Encrypt

The green lock icon in the browser location bar is displayed when a website is considered “secure” by the browser. A trend online has been to push all sites to adopt securing their site, even if there is no need for security. One historical reason the internet has not had a green lock icon on every site is that it has been prohibitively expensive to secure a website, with quite a bit of manual work to implement the security as well.

Let’s Encrypt was founded by a few employees of large organizations and companies to help move the entire internet to a secure state. Today Let’s Encrypt provides free HTTPS (SSL/TLS) certificates therefore removing the cost of securing a website. They even provide free software (Certbot) to help automate the installation and maintenance of the certificates.

Let’s Encrypt was founded by Electronic Frontier Foundation (EFF), Mozilla Foundation (makers of the FireFox browser), University of Michigan, Akamai Technologies and Cisco Systems. More can be read about Let’s Encrypt on Wikipedia: https://en.wikipedia.org/wiki/Let's_Encrypt

SSL, TLS and HTTPS

HTTP is Hyper Text Transport Protocol, to simplify what this is, it’s the language which allows all the computers and devices to share information over the internet. HTTPS is HTTP Secure, the “secure” part implies that no one can monitor or alter the communication between your device and the originating provider of the information you are accessing.

The “S” in HTTPS in common language demonstrates that the site has an “SSL certificate”, but that’s not particularly accurate. SSL is Secure Sockets Layer, and despite being a commonly used term, is no longer actually used and is considered insecure. TLS is Transport Layer Security, and has replaced the SSL protocol.