
Ask HN: Is there any real value to a company in SSL beyond Let's Encrypt? - brightball
This is a conversation that has come up a few times and the general sentiment seems to be that there is supposed to be value...but it&#x27;s not actually there.<p>Just looking for thoughts one way or another? Do users or business customers care?
======
wsh
I think few users know or care what certification authorities (CAs) signed the
certificates of the websites they visit. Using a public CA other than Let’s
Encrypt can be valuable, however, in situations such as these:

\- You want a certificate with a lifetime longer than Let’s Encrypt’s limit of
90 days, which might be convenient if you need to install it on a server or
device that doesn’t support automatic renewals with the ACME protocol.

\- You want a certificate for a domain name that Let’s Encrypt wouldn’t be
able to validate automatically, such as one not used actively on the public
Internet.

\- You are required by law or contract to include a validated organization
name, locality, etc., in the certificate, or to use a certificate that meets
some other standard that Let’s Encrypt’s don’t.

\- You want more control over certificate issuance than Let’s Encrypt
provides. For example, an organization might arrange with its chosen CA to
require specific validation procedures, such as approval by a designated
employee, and then publish CAA records in DNS instructing all other CAs not to
issue certificates for its domains.

------
a-fried-egg
Let's Encrypt is a free, automated, and open certificate authority brought to
you by the non-profit Internet Security Research Group (ISRG). They're not a
company.

~~~
brightball
I might not have phrased the question properly.

I meant, is there any value to a business procuring an SSL cert from a vendor
that justifies purchasing rather than just using Let's Encrypt?

