Since the second week of October 2016, Cloudbric has transitioned from GlobalSign to Let’s Encrypt as our SSL solution, allowing us to apply free SSL to all websites using Cloudbric. Unlike other SSL services that limit certificate issuance to one per domain, Cloudbric users can be issued a certificate per subdomain.
What is SSL?
SSL stands for Secure Sockets Layer, which in the age of the Internet is an important global standard security technology. It ensures a secure connection between a web browser and a web server.
Many online businesses utilize SSL to reduce the risk of having sensitive information stolen. When SSL is enabled, the “https” protocol is activated. If you have ever noticed a lock icon or green bar next to a website URL, you can rest assured that you have a secure connection.
Here’s what users can expect with SSL certificates generated by Cloudbric:
The image above shows what visitors will see on a user’s site when they evaluate the security of the site on a Chrome browser. The connection is evaluated to be secure — utilizing a “strong” TLS 1.2 protocol, a “strong” RSA key exchange, and a “strong” AES cipher.
What is Let’s Encrypt?
Let’s Encrypt is a free, automated, and open certificate authority (CA) created by the non-profit Internet Security Research Group (ISRG). It is cross-signed by IdenTrust, a formidable CA trusted by all major browsers. What this means is that intermediate certificates signed by IdenTrust can maintain a very strong Chain of Trust when it signs the certificates on your site.
Since its launch in November 2014, Let’s Encrypt has issued over 100 million digital certificates, with active certificates almost numbering 60 million. Let’s Encrypt is sponsored by Fortune 100 companies and nonprofits as part of their mission to facilitate the development of a more secure web.
How does this transition affect Cloudbric users?
All our users will be able to encrypt communication exchanged on their sites with Let’s Encrypt certificates for free — indefinitely.
Cloudbric is proud to provide an additional layer of protection against sensitive data exposure and man-in-the-middle (MITM) attacks through our free SSL service. Each SSL certificate issued lasts 90 days, afterwhich they are automatically renewed — that means zero certificate management required for Cloudbric users.
While Let’s Encrypt provides SSL certificates for free, Cloudbric further supports their project of creating a safer web by making these SSL certificates free to install, and applied automatically.
Without Cloudbric, website admins must manually install an agent known as a certbot into their webserver to get SSL certificates from the Let’s Encrypt authentication server. Additionally, website admins will eventually be asked to manually obtain reissued SSL certificates and install them every three months. We understand that, even with free SSL certificates available, the practical implementation of these certificates to people’s websites isn’t always easy or even free.
That is why Cloudbric launched this free SSL service that allows for an easy adoption of secure HTTPS protocols with a much more automated process — by eliminating these hurdles for our users. Because we have installed a certbot at Cloudbric’s server, additional actions like domain validation, manual uploading of certificates to the web server and certificate renewals are automated.
Why Would People Need Free SSL Certificates Anyway?
There are a number of reasons why this service could come in handy for many:
- User wants to get an SEO boost from enabling HTTPS
- User wants to boost conversions by displaying the security padlock icon
- User is trying to obtain PCI-DSS compliance
- User’s custom SSL certificate is about to expire, and needs another in the interim
Contrary to popular belief, there are absolutely no technical disadvantages to using a free SSL certificate as compared to a paid one. For an explanation on that as well as other common questions people have about free SSL certificates, take a look at our post titled “Free SSL Certificate FAQs”.
Let’s Encrypt certificates help businesses work towards PCI compliance, especially in meeting requirement 4.1: Automatically applying strong encryption. The keyword here is “strong”. As shown in the image above, Let’s Encrypt certificates implemented through Cloudbric can create a secure connection through TLS 1.2 — a “strong protocol” which meets the PCI Security Standards Council’s definition of “strong cryptography.”
Users who can’t wait to get started on upgrading security on their site with our free SSL service might want to take a further look at how our Redirection Mode maximizes security and SEO benefits from SSL certificates by redirecting traffic to HTTPS and WWW URLs.
Editor’s Note: This post was originally published in October 2016 and has been updated for relevance and comprehensiveness.