Presentation is loading. Please wait.

Presentation is loading. Please wait.

Introduction to Let’s Encrypt

Published byJelle Aerts Modified over 5 years ago

Similar presentations

Presentation on theme: "Introduction to Let’s Encrypt"— Presentation transcript:

1 Introduction to Let’s Encrypt
October 11, 2018 Justin Sun

2 When you visited the nejug
When you visited the nejug.org website, you may have noticed a padlock icon and https in the address bar.

3 Padlock icon Your browser is communicating securely with the nejug.org through an encrypted channel Your browser trusts nejug.org because the NEJUG website has a certificate The certificate is valid – not expired and not revoked The certificate is signed by a Certificate Authority (CA) that your browser trusts

4 Certificates and Certificate Authorities
When you visit a website over a secure connection, the website presents your browser with a digital certificate. This certificate identifies the hostname of the site and verifies the site owner. Certificates are issued to website operators and signed by a Certificate Authority (CA). The proof of identity represented in a Certificate may be trusted by the user as long as the user trusts the Certificate Authority. Modern operating systems typically ship with over 200 trusted CAs, some of which are operated by governments. Today’s model requires all users to trust that the hundreds of CA organizations correctly issue certificates... Source: Google’s Transparency Report has a great definition of a certificate and a certificate authority.

5

6 Let’s Encrypt Free: Anyone who owns a domain name can use Let’s Encrypt to obtain a trusted certificate at zero cost. Automatic: Software running on a web server can interact with Let’s Encrypt to painlessly obtain a certificate, securely configure it for use, and automatically take care of renewal. Open: The automatic issuance and renewal protocol will be published as an open standard that others can adopt. Source:

7 Automatic Certificate Management Environment (ACME)
Protocol for interacting with a CA Verify that applicant owns a domain Issuance of the certificate Source: acme.html#rfc.section.6.1

8 Using Let’s Encrypt Domain owner provides proof of ownership of a domain Let’s Encrypt verifies information submitted If verification is successful, the domain owner can create a new certificate, good for 90 days

9 How it works – Domain owner
Verify domain ownership – File or DNS change Verify keypair ownership – Sign nonce Source:

10 How it works - CA Source:

11 How it works – certificate operations
Create certificate Renew within 30 days of expiration Revoke certificate

12

13 Growth Date Certificates issued March 8, 2016 1 million April 21, 2016
June 3, 2016 4 million June 22, 2016 5 million September 9, 2016 10 million November 27, 2016 20 million December 12, 2016 24 million June 28, 2017 100 million August 6, 2018 115 million September 14, 2018 380 million Source:

14 How many certificates have been issued?

15 Resources Let’s Encrypt Website: https://LetsEncrypt.org
Wikipedia entry:

Download ppt "Introduction to Let’s Encrypt"

Similar presentations

Chubaka Producciones Presenta :.

Chubaka Producciones Presenta :.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
2012 JANUARY Sun Mon Tue Wed Thu Fri Sat

2012 JANUARY Sun Mon Tue Wed Thu Fri Sat
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E 36th RIPE Meeting Budapest 2000 APNIC Certificate Authority Status Report.

A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E 36th RIPE Meeting Budapest 2000 APNIC Certificate Authority Status Report.
CERTIFICATES “a document containing a certified statement, especially as to the truth of something ”

CERTIFICATES “a document containing a certified statement, especially as to the truth of something ”
Networks and Security. Types of Attacks/Security Issues  Malware  Viruses  Worms  Trojan Horse  Rootkit  Phishing  Spyware  Denial of Service.

Networks and Security. Types of Attacks/Security Issues  Malware  Viruses  Worms  Trojan Horse  Rootkit  Phishing  Spyware  Denial of Service.
Digital Certificates Made Easy Sam Lutgring Director of Informational Technology Services Calhoun Intermediate School District.

Digital Certificates Made Easy Sam Lutgring Director of Informational Technology Services Calhoun Intermediate School District.
Module 9: Fundamentals of Securing Network Communication.

Module 9: Fundamentals of Securing Network Communication.
DATE POWER 2 INCOME JANUARY 100member X 25.00P2,500.00 FEBRUARY 200member X 25.00P5,000.00 MARCH 400member X 25.00P10,000.00 APRIL 800member.

DATE POWER 2 INCOME JANUARY 100member X 25.00P2, FEBRUARY 200member X 25.00P5, MARCH 400member X 25.00P10, APRIL 800member.
Security fundamentals Topic 5 Using a Public Key Infrastructure.

Security fundamentals Topic 5 Using a Public Key Infrastructure.
SSL Certificates for Secure Websites Dan Roberts Kent Network Users Group Wednesday, 17 March 2004.

SSL Certificates for Secure Websites Dan Roberts Kent Network Users Group Wednesday, 17 March 2004.
Creating and Managing Digital Certificates Chapter Eleven.

Creating and Managing Digital Certificates Chapter Eleven.
2011 Calendar Important Dates/Events/Homework. SunSatFriThursWedTuesMon January 2011 65432131 30292827262524 23222120191817 16151413121110 9876543 213130292827.

2011 Calendar Important Dates/Events/Homework. SunSatFriThursWedTuesMon January
July 2007 SundayMondayTuesdayWednesdayThursdayFridaySaturday 1234567 891011121314 15161718192021 22232425262728 293031.

July 2007 SundayMondayTuesdayWednesdayThursdayFridaySaturday
Let’s Encrypt and DANE ENOG 11 | Moscow | 8 Jun 2016.

Let’s Encrypt and DANE ENOG 11 | Moscow | 8 Jun 2016.
Communication protocols 2. HTTP Hypertext Transfer Protocol, is the protocol of World Wide Web (www) Client web browser Web server Request files Respond.

Communication protocols 2. HTTP Hypertext Transfer Protocol, is the protocol of World Wide Web (www) Client web browser Web server Request files Respond.
Digital Certificates Presented by: Matt Weaver. What is a digital certificate? Trusted ID cards in electronic format that bind to a public key; ex. Drivers.

Digital Certificates Presented by: Matt Weaver. What is a digital certificate? Trusted ID cards in electronic format that bind to a public key; ex. Drivers.
Key management issues in PGP

Key management issues in PGP
Setting and Upload Products

Setting and Upload Products

Similar presentations

Ads by Google