Information Security
tls letsencrypt
Updated Sat, 01 Oct 2022 11:47:40 GMT

Why does anyone not use Let's Encrypt?

Let's Encrypt offers free TLS certificates, including wildcard certificates. Is there ever a reason to pay for a certificate? Is it just "we have to pay for everything so we can sue someone if something breaks" corporate policies?


The commercial certificate issuers provide technical support. So in case something goes wrong, you have access to a support contact instead of hoping for someone from the community to answer you. Commercial providers issue certificates for longer periods than the 90 days LetsEncrypt certificates.

Together with this there are perks like warranties, proprietary certificate management tools and fancy "this site is secure" .jpgs / site seals.

Comments (2)

  • +3 – As far as I know, there are zero known cases of a warranty ever paying out. But customers certainly may mistakenly consider them a useful selling point. — Jul 31, 2022 at 01:04  
  • +0 – The 90 day validity period definitely matters. Renewing certificates every 90 days means either writing automation software, installing 3rd-party software on your server, or manual IT effort. — Aug 05, 2022 at 14:49