The PalAss Hosting service offers free Domain Validation (DV) certificates for all hosted websites and mail servers on our Amazon Web Services servers running Plesk Onyx. The certificates are provided by the nonprofit Let's Encrypt organisation. Their mission is to create a more secure and privacy-respecting web by promoting the widespread adoption of HTTPS. We recommend that all website using our newer AWS hosting take advantage of this free to use service and secure their websites and email.
At this point we are not forcing our client to adopt HTTPS; however with future internet browsers and search engines unlikely to offer smooth user experiences to non HTTPS sites we highly recommend early adoption.
Who Are Let's Encrypt
Let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit. It is a service provided by the Internet Security Research Group (ISRG).
See https://letsencrypt.org/about/ for more details.
Why do their Certificates Expire after 90 days?
The 90 day limits damage from key compromise and mis-issuance, this also means stolen keys and mis-issued certificates are valid for a shorter period of time. It also encourage automation, which is absolutely essential for ease-of-use. As issuance and renewal are automated on our PalAss Hosting services, shorter lifetimes won’t be any less convenient than longer ones.
See https://letsencrypt.org/2015/11/09/why-90-days.html for more information.
Are There Any Known Complitbilites Issues?
Let’s Encrypt aims to be compatible with as much software as possible without compromising security. The main determining factor for whether a platform can validate Let’s Encrypt certificates is whether that platform includes IdenTrust’s DST Root X3 certificate in its trust store. A secondary factor is whether the platform supports modern SHA-2 certificates, since all Let’s Encrypt certificates use SHA-2.
See https://letsencrypt.org/docs/certificate-compatibility/ for more information.