Featured products and servicesadvertise here
Blog CategoriesAllNews AddToAny Adobe DTM AdRoll Advertising Networks Akamai Alibaba Amazon Amazon CloudFront Angular Apache ASP.NET ASP.NET Ajax Baidu Analytics Baidu Share Bitrix Blogger Bootstrap CDNJS CentOS Character Encodings China Telecom China Unicom Chitika Client-side Languages Cloudflare Cloudflare Server ColdFusion Compression Concrete CMS Content Delivery Content Languages Content Management Cookies CSS Frameworks Data Centers DataLife Engine Debian Default Protocol Https DigiCert DigiCert Group Discuz! DNS Servers Dojo DoubleClick Drupal Elementor Email Servers Ensighten Equativ ExoClick Fastly Fedora Flash Full Circle Studies Gemius Gentoo GlobalSign Gmail GoDaddy Group Google +1 Google Ads Google AdSense Google Analytics Google Hosted Libraries Google Servers Google Tag Manager GridPane Gunicorn Histats Hostinger Hotjar HTML HTML5 HTTP/2 HTTP/3 IdenTrust Image File Formats Infolinks IPv6 Java JavaScript JavaScript Libraries Joomla JQuery JQuery CDN JsDelivr Let’s Encrypt Liferay Linux LiteSpeed Magento Markup Languages Matomo Matomo Tag Manager Meta Pixel Microsoft Microsoft Advertising Microsoft-IIS Modernizr MooTools New Relic Newfold Digital Group Nginx Node.js Operating Systems OVH PHP Plesk Plone PNG PopAds PrestaShop Prototype Python Quantcast React Red Hat Reverse Proxies Ruby RunCloud Scala Scientific Linux Sectigo Server Locations Server-side Languages SharePoint Shopify Silverlight Site Elements Snowplow Social Widgets SPDY Squarespace SSL Certificate Authorities Symantec Group Tag Managers Tailwind Tealium Team.blue Tomcat Top Level Domains Traffic Analysis Tools Twitter/X TYPO3 Ubuntu UIkit Umeng Underscore United Internet Unix Unpkg UTF-8 VBulletin Web Hosting Web Panels Web Servers Windows Wix WordPress WordPress Jetpack XHTML Yandex.Direct Yandex.Metrica YUI Library |
The impact of Let's Encrypt on the SSL certificate marketPosted by Matthias Gelbmann on 26 September 2016 in News, IdenTrust, Let’s Encrypt, SSL Certificate AuthoritiesLet's Encrypt certificates used by 3% of all websites If we look at the SSL certificate authorities survey, we find Let's Encrypt way down at rank 14 with 0.1% market share. However, this is misleading. As it takes a while to be included as a trusted authority in most user's browsers, Let's Encrypt certificates are cross-signed by IdenTrust at the moment. The wast majority of Let's Encrypt sites therefore use IdenTrust as root certificate, thus preventing the browser showing confusing warnings to visitors. IdenTrust has been around for a long time, but its SSL certificate market share was pretty much negligible before the Let's Encrypt deal. Therefore, if we look at the IdenTrust statistics, we basically see the Let's Encrypt adoption rate. We see that Let's Encrypt is now used by 3% of all websites, that is an SSL certificate market share of 13.1%, which brings it at rank 3 after Comodo and Symantec. What impact does that have on the SSL certificate market and on its competitors? The SSL certificate market as a whole is growing quickly One remarkable observation from last year's market trend is the fact that most of the other certificate authorities also increased the number of sites they are serving. Comodo, for example, is now used by 9.2% of all sites, up from 5.9% one year ago. The gain from Let's Encrypt primarily comes from sites that did not use a valid SSL certificate before. 30.7% of the websites use no certificate at all now, that share was 37% last year. A remarkable 44.9% (down from 46% last year) of all sites use an invalid certificate, that is a certificate that has been issued for another domain. Most of these invalid certificates are installed by hosting providers as a free service for their customers. Webmasters may use these certificates for testing or for internal use, most sites probably never use them. Interestingly, the number of expired certificates has increased from 0.2% to 0.9% since the start of Let's Encrypt. It seems that a fair number of people request their free certificate, perhaps don't even use it, and let it expire. The fact that Let's Encrypt certificates are valid only for three months, instead of the usual year, certainly plays a role too. The total share of websites that use a valid certificates went up from 16.2% to 23.0%, the whole certificate market is growing quickly. As we have seen above, only less than half of that increase comes from Let's Encrypt certificates, more than half went to other CAs. Nevertheless, webmasters change their certificate provider from time to time, some of the sites that now use Let's Encrypt have used other CAs before. Looking at the technology change report we see that Let's Encrypt gains websites primarily from GlobalSign, followed by Comodo and Symantec. Let's Encrypt certificates used by low-traffic sites Our market position diagram shows another aspect of the market: CAs near to top border of the diagram are primarily used by high traffic sites, whereas CAs near the bottom border are preferred by low traffic sites. It comes as no surprise that IdenTrust, and thus Let's Encrypt, comes at the low-traffic end of the market, as they issue only Domain Validated SSL Certificates at the moment. High-traffic sites often require some form of Extended Validation SSL Certificates, which are more expensive. Furthermore, Let's Encrypt does not yet issue wildcard certificates. France loves Let's Encrypt There are significant regional differences in the adoption of Let's Encrypt. They are market leader in several countries, most notably in France with 46.3% market share. On the other hand, they have hardly started in some Asian countries such as China (3.1% market share), South Korea (1.8%) and Japan (1.5%). Outlook With 77% of all websites not yet using a valid SSL certificate, we can expect Let's Encrypt to continue to grow in the coming years. Once browsers have them listed as trusted authority, we will see them with their own name in our statistics, rather than under the IdenTrust root certificate. Let's Encrypt does not yet hurt other certificate providers, except that they may slow their growth. That may change once the market is more saturated, but it looks like there is still time for the competition to evolve their strategies. You can find much more details in our SSL Certificate Authorities Market Reports. _________________
Share this page |