The blight of expired Let’s Encrypt certs

As Let’s Encrypt has made it affordable and easy to generate and install HTTPS certificates, so too have the number of sites exploded with expired certificate warnings.

Expired Let's Encrypt certificate warning in Safari

In the past, a certificate was an investment. You treasured it, and (mostly) kept it current. Now they’re becoming disposable.

I don’t fault Let’s Encrypt for this. The official client, and most of the others, provide instructions on setting up a cron job to generate them regularly. But it’s an interesting side effect.

Peversely, if we’re concerned with people clicking through expired cert warnings without reading or caring, this latest trend is only going to reinforce it.

(As an aside, a couple of readers have asked why I keep referring to these as HTTPS rather than SSL certificates. Crypto people are nothing if not precise, and SSL is not offered on Rubénerd, or most other sites any more. The newer versions of the standard are called, rather short-sightedly, TLS. But that name holds even less mindshare outside the IT industry).