About
Let’s Encrypt is a certificate authority that issues free Domain Validation (DV) TLS certificates for websites and other domain-based services. It uses the ACME protocol and automated clients to let operators obtain, renew, and manage certificates without manual issuance.
The service is operated by the nonprofit Internet Security Research Group (ISRG). It supports wildcard certificates through DNS-01 challenges, SAN certificates with multiple names, and standard certificate lifetimes of 90 days, with an optional six-day short-lived certificate profile.
- Free DV TLS certificates
- ACME-based automated issuance
- 90-day default certificate lifetime
- Six-day short-lived profile
- Wildcard certificates via DNS-01
- SAN certificates with multiple names
- Nonprofit-operated certificate authority
Free Tier Value
This free tier has no usage cap and no paid upgrade path on the page, so there is no defensible monthly dollar equivalent to estimate. It is perpetual and fully usable for its intended certificate issuance use case, with the only practical friction being the normal domain-validation process rather than pricing or account gating.
What's included in the free tier
- Free SSL/TLS certificates for websites.
- Domain Validation (DV) certificates only.
- Certificates valid for 90 days by default.
- Optional short-lived certificates valid for six days.
- Certificates can include multiple domain names (SAN).
- Wildcard certificates available via DNS-01 challenge.
- No fee for certificates.
See Let's Encrypt pricing for current limits.