We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!

SSL certificates - Let's encrypt

Options
I have a website that's in the final stages of being built by a developer using Wordpress with WooCommerce. It is an e-commerce site for my subscription box business, so will have recurring monthly payments and therefore I need to secure it. I use Vidahost cloud hosting and they charge £46.80 for a SSL certificate, or installing a third party one for £22.80. Alternatively, you can install a Lets Encrypt SSL certificate free of charge. Is Lets Encrypt as secure as the other paid for options?

Comments

  • In terms of encrypting communications it is, they all use the same algorithms. You don't get things like extended validation (you won't get that on cheap certificates from the well known brands either) or wildcards though. I've been using one to secure my IMAP server for the last couple of years without problems.

    Be aware that their certificates last three months, not some multiple of years. They have a tool (certbot) that auto-renews them, if you can install extra software on your site.
    Proud member of the wokerati, though I don't eat tofu.Home is where my books are.Solar PV 5.2kWp system, SE facing, >1% shading, installed March 2019.Mortgage free July 2023
  • Giggidy
    Giggidy Posts: 256 Forumite
    Part of the Furniture 100 Posts Name Dropper Combo Breaker
    Would I need to physically renew it every 3 months, if I am not able to install the certbot?
  • Yes, because the certificates only have three month duration, so you'd need to request a new one and install it. Do you value the time it would take you at more than £6/quarter?
    Proud member of the wokerati, though I don't eat tofu.Home is where my books are.Solar PV 5.2kWp system, SE facing, >1% shading, installed March 2019.Mortgage free July 2023
  • I've never liked SNI. TLS works at a level above HTTP so name based virtual hosting should never be possible for secure sites.
    Proud member of the wokerati, though I don't eat tofu.Home is where my books are.Solar PV 5.2kWp system, SE facing, >1% shading, installed March 2019.Mortgage free July 2023
  • Giggidy
    Giggidy Posts: 256 Forumite
    Part of the Furniture 100 Posts Name Dropper Combo Breaker
    Thanks for the info, but I have no idea what that means, can you explain it to me in laymen's terms please?
  • That response in itself should indicate that you'd be better of spending a bit more and getting the certificate installed by someone on your behalf.
  • ehlo
    ehlo Posts: 397 Forumite
    Part of the Furniture 100 Posts
    Giggidy wrote: »
    Would I need to physically renew it every 3 months, if I am not able to install the certbot?
    Yes, because the certificates only have three month duration, so you'd need to request a new one and install it. Do you value the time it would take you at more than £6/quarter?

    Giggidy, looking at Vidahosts website, it seems as though they handle the auto-renewal for you. This it what any competent company should do for Lets Encrypt :).

    The developer you're working with should be able to provide further details if you need them.
  • Giggidy
    Giggidy Posts: 256 Forumite
    Part of the Furniture 100 Posts Name Dropper Combo Breaker
    ehlo wrote: »
    Giggidy, looking at Vidahosts website, it seems as though they handle the auto-renewal for you. This it what any competent company should do for Lets Encrypt :).

    The developer you're working with should be able to provide further details if you need them.

    So far Vidahost's service has been fantastic! They helped me set Let's encrypt up on my website, the developer just has to force the https redirect I was told
  • tronator
    tronator Posts: 2,859 Forumite
    Part of the Furniture 1,000 Posts Name Dropper
    Be aware that their certificates last three months, not some multiple of years. They have a tool (certbot) that auto-renews them, if you can install extra software on your site.

    If a company offers Let's Encrypt then they will most certainly have the certbot installed and let it renew the certificates automatically. Otherwise what would be the point of offering LE?
This discussion has been closed.
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 350.9K Banking & Borrowing
  • 253.1K Reduce Debt & Boost Income
  • 453.5K Spending & Discounts
  • 243.9K Work, Benefits & Business
  • 598.7K Mortgages, Homes & Bills
  • 176.9K Life & Family
  • 257.1K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16.1K Discuss & Feedback
  • 37.6K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.