Certificates issued are marked with the X509v3 Extended Key Usage flags for id-kp-serverAuth and id-kp-clientAuth (CPS 1.0 Draft, Section 8.1.2). That technically constraints the certificates to activities where the TLS protocol is used in association with a Domain Name for the purpose of encrypting Internet communications (Subscriber Agreement 1.0.1, Section 3.6). The official Let’s Encrypt client will help you use them for web servers. Other uses permitted by the EKU flags are not officially supported by Let’s Encrypt.
2 Likes