Let’s Encrypt takes free “wildcard” certificates live
In July of 2017, the nonprofit certificate authority Let's Encrypt promised to deliver something that would put secure websites and Web applications within reach of any Internet user: free "wildcard" certificates to enable secure HTTP connections for entire domains. Today, Let's Encrypt took that promised service live, in addition to a new version of the Automated Certificate Management Environment (ACME) protocol, an interface that can be used by a variety of client software packages to automate verification of certificate requests.
ACME version 2 "has gone through the IETF standards process," said Josh Aas, executive director of the Internet Security Research Group (ISRG), the group behind Let's Encrypt, in a blog post on the release. ACME v2 is currently a draft Internet Engineering Task Force standard, so it may not yet be in its final form. But the current version is the result of significant feedback from the industry. And its use is required to obtain wildcard certificates.