Let’s Encrypt 将于2018年 1 月起提供免费泛域名SSL证书



Let’s Encrypt将于2018年1月开始发布通配符证书。通配符证书是一个常用的功能,我们知道有一些使HTTPS部署更容易的用例。我们希望提供通配符将有助于加速Web向100%HTTPS的发展。

我们的加密目前通过我们的全自动DV证书颁发和管理API保护了4700万个域名。自从Let’s Encrypt的服务于2015年12月上市以来,这对互联网的加密页面加载量从40%增加到58%贡献巨大。如果您对通配符可用性和我们的使命感到非常兴奋,那么我们会问这个问题:你为我们的夏季筹款活动做出贡献。

通配符证书可以保护基本域的任何数量的子域(例如* .example.com)。这允许管理员为一个域及其所有子域使用单个证书和密钥对,这可以使HTTPS部署更加容易。

通配证书将通过我们即将推出的ACME v2 API端点免费提供。我们最初只支持通过DNS进行基本域验证以获得通配符证书,但可能会随着时间的推移探索其他验证选项。我们鼓励人们在我们的社区论坛上提出任何关于通配证书支持的问题。


我们要感谢我们的社区和我们的赞助商让我们所做的一切成为可能。如果您的公司或组织能够赞助Let’s Encrypt,请发送电子邮件至sponsor@letsencrypt.org。




Let’s Encrypt will begin issuing wildcard certificates in January of 2018. Wildcard certificates are a commonly requested feature and we understand that there are some use cases where they make HTTPS deployment easier. Our hope is that offering wildcards will help to accelerate the Web’s progress towards 100% HTTPS.

Let’s Encrypt is currently securing 47 million domains via our fully automated DV certificate issuance and management API. This has contributed heavily to the Web going from 40% to 58% encrypted page loads since Let’s Encrypt’s service became available in December 2015. If you’re excited about wildcard availability and our mission to get to a 100% encrypted Web, we ask that you contribute to our summer fundraising campaign.

A wildcard certificate can secure any number of subdomains of a base domain (e.g. *.example.com). This allows administrators to use a single certificate and key pair for a domain and all of its subdomains, which can make HTTPS deployment significantly easier.

Wildcard certificates will be offered free of charge via our upcoming ACME v2 API endpoint. We will initially only support base domain validation via DNS for wildcard certificates, but may explore additional validation options over time. We encourage people to ask any questions they might have about wildcard certificate support on our community forums.

We decided to announce this exciting development during our summer fundraising campaign because we are a nonprofit that exists thanks to the generous support of the community that uses our services. If you’d like to support a more secure and privacy-respecting Web, donate today!

We’d like to thank our community and our sponsors for making everything we’ve done possible. If your company or organization is able to sponsor Let’s Encrypt please email us at sponsor@letsencrypt.org.