EFF is proud to introduce Certbot, a powerful tool to help websites encrypt their traffic. Certbot is the next iteration of the Let's Encrypt Client; it obtains TLS/SSL certificates and can automatically configure HTTPS encryption on your server. It's still in beta for now, but we plan to release Certbot 1.0 later this year.
As you may know, Let’s Encrypt is a certificate authority, co-founded by EFF, Mozilla, and researchers from the University of Michigan. With the help from many others, Let’s Encrypt is now one of the world’s largest certificate authorities, used by millions of people around the world to enable HTTPS on their website.
Certbot communicates with the Let’s Encrypt CA through a protocol called ACME. While there are many ACME clients available to choose from, Certbot continues to be the most popular choice for organizations and developers that run their own webservers.
Back in April, we announced we would be transitioning the client to become an EFF project. The client will have a new name, to avoid confusion with the Let's Encrypt CA and organization, and it will no longer be the official ACME client for use with Let's Encrypt. But don't panic! The software for the Let's Encrypt client has always been primarily developed by EFF and open source contributors from around the world, and that's not changing. But this does mean that the client will no longer be hosted by ISRG, the parent organization of the Let's Encrypt CA.
Along with the rename, we've also launched a brand new website for Certbot, found at https://certbot.eff.org. The site includes frequently asked questions as well as links to how you can learn more and help support the project, but by far the biggest feature of the website is an interactive instruction tool. To get the specific commands you need to get Certbot up and running, just input your operating system and webserver. No more searching through pages and pages of documentation or Google search results!
While a new name has the potential for creating technical issues, the Certbot team has worked hard to make this transition as seamless as possible. Packages installed from PyPI, letsencrypt-auto, and third party plugins should all continue to work and receive updates without modification. We expect OS packages to begin using the Certbot name in the next few weeks as well. On many systems, the current client packages will automatically transition to Certbot while continuing to support the letsencrypt command so you won't have to edit any scripts you're currently using.
Despite the rename and Certbot's new home at EFF, the client will continue to work as it always has. It will still get certificates from Let's Encrypt and automatically configure HTTPS on your webserver. With Let's Encrypt issuing its three millionth certificate in the last week, Let's Encrypt and Certbot have no plans of slowing down on their mission to help build a Web that is encrypted by default.