Can we use our own SSL cerificates


#1

we have EV SSL. do we use that?


#2

Let’s Encrypt is a service to create free SSL certificates. If you already have a certificate, what do you want from Let’s Encrypt?


#3

If you already have a certificate, you might not need a new one from Let’s Encrypt.

Let’s Encrypt does not issue EV certificates, only DV certificates. If you get a new certificate from us, it won’t be EV.


#4

we came from http://jcryption.org/
we need encryption & decryption for php(encryption) and javascript(decryption)


#5

As you can read, jcryption is discontinued… You should put your entire site behind TLS.

As you’ve already got an EV certificate as you say, there should be no problem doing that. There’s no need for Let’s Encrypt in your situation, unless your EV certificate is expired and you’re not willing to pay for a new one.


#6

Looking at the jcryption website, I really don’t understand what it was supposed to do, or why. It looks like it was a home-grown way to encrypt form data in transit without using SSL/TLS. Is that the case? If so, why? It seems it’s been a long time since there would have been a legitimate need for such a thing. Anyone who’s concerned about the privacy of their data would notice the lack of https, and not likely trust the site’s assurances that the data is encrypted anyway.

@hpng6, if you want encrypted communications on your website, dump the home-grown javascript/php solution, and enable TLS on your web server using the certificate you’ve already probably paid quite a bit of money for (EV certs aren’t cheap). In the short term, there’s really nothing Let’s Encrypt can do for you–LE provides (DV-only) certificates, but you already have one. When your EV cert is about to expire, if you don’t feel the continued need for EV (it isn’t important to you that your users see the green bar in their browser with your organization name in it), you may want to use LE to get a cert, and set up your server to renew them automatically.


#7

This type of method can be used for an extra layer of security in deter the network controllers from seeing the data if an internal CA is being used.

However for the most part TLS is all you really need.