SSL/TLS Server Certificates - Let's Encrypt Certificate Automation

Let's Encrypt Incommon/Sectigo
Automated Certificate Renewals Manual generation of CSR and installation of certificates
90-day lifetime, suggested 60-day automated renewal. Requires yearly renewal
Best for: Managing numerous certificates Best for: Managing individual certificates
Free The University pays for Incommon/Sectigo Services
DCV renewal automated DCV required each year (not *.wisc.edu or *.wisconsin.edu)
A considerable amount of server administrators on campus have moved away from using the Incommon/Sectigo SSL Server Certificate offering in favor of the automation and ease of Let's Encrypt.

A trusted CA  (Certificate Authority) is a trusted CA and what's most important is to use SSL/HTTPS and if you can make it less painful and cost-effective all the better.

Let's Encrypt provides free, automated, open and trusted security certificate authority (CA) for server admins/website owners to obtain trusted security certificates within minutes. It will also automatically renew them over time without the manual intervention for renewal. Certificates provided by Incommon/Sectigo require manual renewal every year due to newer industry standards.  

The UW Madison SSL server certificate services does not directly support end-user local systems, for their generation of CSRs, installing certs, etc. on said systems and that is the case whether that is Incommon or Let's Encrypt. We provide the means to obtain/deliver the certificates with Incommon but those who use Let's Encrypt can self-service and automate.

-- If interested please see the ample documentation for using it on multiple platforms at https://letsencrypt.org/about/

-- Tracking for Let's Encrypt maintenance or outages:  https://letsencrypt.status.io