Who Is The Most Popular TLS Certificate Authority?

TLS Certificate Authority Market Share

According to W3Techs, IdenTrust is used by 38.5% of all the websites, that is a TLS certificate authority market share of 51.5% as of May 15 2020. The market share yearly trend for SSL certificate authorities shows that IdenTrust has grown exponentially from merely 0.3% in January 2016 to over half of the market in May 2020.

Who is IdenTrust?

IdenTrust, part of HID Global, is a leading provider of digital certificates for trusted identity solutions recognized by financial institutions, healthcare providers, government agencies and enterprises around the world. They were established in 1998.

Who is Let’s Encrypt?

Let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit. It is a service provided by the Internet Security Research Group (ISRG). To create a more secure and privacy-respecting Web, they give people the digital certificates they need to enable HTTPS (TLS) for websites for free. They were launched in December 2015.

Let’s Encrypt Intermediate Certificates Cross-Signed By Identrust

Under normal circumstances, certificates issued by Let’s Encrypt will come from “Let’s Encrypt Authority X3”. The intermediate “Let’s Encrypt Authority X3” represents a single public/private key pair. The private key of that pair generates the signature for all end-entity certificates i.e. the certificates Let’s Encrypt issues for use on users’ servers.

The intermediate is cross-signed by IdenTrust’s “DST Root CA X3” (now called “TrustID X3 Root”) for additional client compatibility. The IdenTrust root has been around longer and thus has better compatibility with older devices and operating systems (e.g. Windows XP).

When configuring a web server, the server operator configures not only the end-entity certificate, but also a list of intermediates to help browsers verify that the end-entity certificate has a trust chain leading to a trusted root certificate. Almost all server operators will choose to serve a chain including the intermediate certificate with Subject “Let’s Encrypt Authority X3” and Issuer “DST Root CA X3.” The recommended Let’s Encrypt software, Certbot, will make this configuration seamlessly.

Let’s Encrypt Milestones and Statistics

Let’s Encrypt has issued a billion certificates as of Feb 27, 2020. Here is the Let’s Encrypt’s 2019 annual report.

In June of 2017 approximately 58% of page loads used HTTPS globally, 64% in the United States. In Feb of 2020, 81% of page loads use HTTPS globally, and 91% in the United States! This is an incredible achievement. That is a lot more privacy and security for everybody thanks to open source!

In June of 2017 Let’s Encrypt was serving approximately 46M websites with 11 full time staff and an annual budget of $2.61M. In February of 2020, they serve nearly 192M websites with 13 full time staff and an annual budget of approximately $3.35M.

TLS Certificate Authority Market Share Myth

It is no coincidence that Let’s Encrypt was launched in December 2015, and IdenTrust has grown exponentially from merely 0.3% in January 2016 to over half of the market in May 2020. So, it has become appallingly obvious that Let’s Encrypt has contributed to IdenTrust’s exponential growth in their market share.

Conclusion

In summary, Let’s Encrypt is the largest TLS certificate authority in the world thanks to its open source nature. This makes it easier to have HTTPS encrypted websites.

More and more vendors provide managed TLS service using Let’s Encrypt TLS certificates simply because Let’s Encrypt is the most popular and user-friendly in the world.

Further Reading

• Only HTTPS Websites Are Secure
• Managed TLS Service One-year
• Website Security For Small Business
• Shared Workspace Business Website
• How to Create a Blog
• Find a Web Designer