Companies Using Let's Encrypt

With 10+ years in web crawling and technographic data analysis, I've examined Let's Encrypt's adoption profile using our 3,572,288 enriched company dataset (matched against 7.66M active domains), as of our April 2026 crawl at TechnologyChecker.io. We cross-referenced detections with LinkedIn profiles to understand who uses the service and how migration patterns play out against paid SSL providers. For additional context on certificate issuance trends, see our SSL Certificate Transparency Report.

Growth trajectory

Let's Encrypt issued its first certificate on September 14, 2015, and launched publicly in April 2016. The growth arc is staggering: 1 million certificates by March 2016, 100 million by June 2017, and 1 billion by February 2020. Per the 10-year anniversary post, Let's Encrypt was issuing 10 million certificates per day by late September 2025. In our tracking data, active domains peaked at 7.4 million in March 2025. The ISRG 2025 Annual Report adds broader context: Let's Encrypt went from 492 million to 762 million websites in a single year, a 55% jump. Before Let's Encrypt, fewer than 30% of web page loads used HTTPS. That figure now exceeds 80% globally and 95% in the United States, per Firefox Telemetry.

Sales Signal: The 9.2M historical vs. 7.4M active gap in our data means roughly 1.8M domains have stopped using Let's Encrypt. Some switched to paid SSL, some went offline. For certificate resellers, this churn pool represents companies that may now need OV or EV certificates for compliance.

Customer profile

The enriched company data paints a clear picture. 83.2% of Let's Encrypt users have 1-10 employees, and 93.9% have fewer than 50. The age distribution shows 40.5% were founded in the 2010s and 25.1% in the 2020s, meaning two-thirds of the user base are digital-native companies less than 15 years old. This isn't a coincidence. Let's Encrypt launched in 2016, and any company born after that date likely got free SSL from day one through their hosting provider.

"Let's Encrypt didn't just democratize HTTPS. It made SSL invisible. When 83% of your user base has fewer than 10 employees, you're not selling to them. Their hosting provider made the decision for them. That's the real story here: Let's Encrypt won by becoming infrastructure, not a product." - Mehmet Suleyman, CEO at TechnologyChecker.io

Yet the enterprise tail is real. IBM, SAP, Cisco, and Shopify aren't just users; they're Gold-level sponsors funding the project. Google and AWS are Diamond sponsors. Shopify is the clearest example of enterprise-scale adoption: per their published case study, they run 4.5 million merchant domains on Let's Encrypt and provisioned all of them in "a couple of hours" after their previous CA took an estimated 100+ days. Boeing uses it on businessjets.boeing.com, JP Morgan Chase on HR portals, Samsung across multiple subdomains. These companies don't use Let's Encrypt because they can't afford Symantec. They use it because automated 90-day rotation via ACME is actually better security practice for internal services.

Sales Signal: Don't try to sell paid SSL to Let's Encrypt's core base of 1-10 employee companies. They aren't making certificate decisions. Instead, target the 3,324 enterprises with 10,001+ employees that use Let's Encrypt on subdomains. These organizations often need to consolidate certificate management across hundreds of internal services, and that's a real budget line item.

Industry and geographic concentration

Construction leads at 3.93%, which might seem odd for a technology product. It isn't. Construction companies have websites, and their hosting providers auto-provision Let's Encrypt. The same logic explains Real Estate at 3.03% and Medical Practices at 2.16%. Let's Encrypt's industry distribution is the flattest I've seen across any technology we track, with no single vertical exceeding 4%. That's because it's not a product people choose; it's infrastructure they receive.

Geographically, the United States leads with 945,862 companies (26.5%), followed by the UK (239,848) and Brazil (204,774). The spread is genuinely global: 13 countries exceed 50,000 companies each, and Brazil's strong third-place showing reflects Latin American hosting providers bundling Let's Encrypt by default.

Sales Signal: For companies selling certificate management or compliance tools, the flat industry distribution means vertical targeting won't work. Geographic targeting is more productive. Focus on markets where Let's Encrypt is the default (US, Brazil, France) and look for companies that need to upgrade specific subdomains to OV or EV for regulatory reasons, especially in financial services and healthcare.

Migration patterns

Migration data from 100,000 enriched companies tells a one-directional story. Let's Encrypt gained 15,848 companies from GeoTrust SSL and lost only 989, a 16:1 ratio. Against RapidSSL, it's 22.6:1. Even against Symantec Secure Site, Let's Encrypt shows a 3.4:1 gain ratio (3,473 gained vs. 1,022 lost). The only meaningful outflow is to GlobalSign Domain Verification (1,686 lost vs. 665 gained), suggesting companies that outgrow DV certificates and need organizational validation for business-to-business credibility.

"The 22:1 migration ratio against RapidSSL tells you everything about the DV certificate market. Free automated certificates killed the low-cost paid DV business. The companies leaving Let's Encrypt for GlobalSign aren't dissatisfied. They need something Let's Encrypt can't offer: OV and EV validation." - Mehmet Suleyman, CEO at TechnologyChecker.io

Sales Signal: The 1,686 companies that moved from Let's Encrypt to GlobalSign Domain Verification represent the highest-intent prospects for paid SSL. They've already decided that free DV isn't enough. Target them with OV/EV upgrade messaging that emphasizes compliance, brand trust signals, and the green address bar for customer-facing domains.

Technology ecosystem

Let's Encrypt's tech stack overlap, based on 100,000 enriched companies, mirrors the general web. Google Analytics at 58.75% is close to the internet-wide average. Cloudflare Hosting leads at 14.61%, and that number will only grow as Cloudflare continues bundling SSL with its CDN. CMS-wise, Wix (7.49%) and Squarespace (6.46%) are prominent because both auto-provision Let's Encrypt. The JavaScript framework overlap skews toward legacy stacks like RequireJS and AngularJS, consistent with older small business sites.

Sales Signal: The 14.61% Cloudflare overlap is significant. Cloudflare offers its own Universal SSL, so these sites are running both Cloudflare SSL and Let's Encrypt (possibly on different subdomains or origins). If you're selling CDN or hosting, pitch certificate consolidation: one provider, one management plane, fewer renewal headaches.

Sponsor and funding model

Let's Encrypt is funded by ISRG, a nonprofit, with Diamond sponsors Google and AWS, Platinum sponsors Mozilla and EFF, and Gold sponsors including Cisco, IBM, SAP, and Shopify. Many of these sponsors also appear in our detection data as active users, a dual relationship (funder and user) that's unusual in the technology market. The project has won the 2022 Levchin Prize for Real-World Cryptography and the 2025 IEEE Cybersecurity Award for Practice. In 2025, ISRG also turned off its OCSP service (which had been handling 4 billion requests per day) and deleted all stored subscriber email addresses, both moves driven by privacy.

Sales Signal: For developer tool companies and hosting providers, sponsoring Let's Encrypt ($10K+ for Silver tier) is both a brand play and an ecosystem investment. It signals to DevOps teams that you take security seriously and gets your logo on one of the most-visited pages in the SSL world.

Key takeaways

1. Let's Encrypt is the web's default certificate authority. 762 million websites, 7 billion+ certificates issued, 10 million per day. Our detection data alone shows 7.66M active domains, dwarfing every paid SSL provider combined.

2. Adoption is infrastructure-driven, not decision-driven. 83.2% of users have fewer than 10 employees. They didn't choose Let's Encrypt. Their hosting provider did. Shopify alone accounts for 4.5 million merchant domains.

3. Enterprise usage is real but departmental. IBM, Samsung, Boeing, and JP Morgan Chase all use Let's Encrypt on subdomains and internal tools where automated rotation is a security feature, not a limitation.

4. Migration is one-directional against paid DV providers. 16:1 against GeoTrust, 22.6:1 against RapidSSL. Free automated DV certificates have effectively ended the low-cost paid DV market.

5. The 45-day lifetime cut is coming for all CAs. Required by the CA/Browser Forum, not just Let's Encrypt. The classic profile drops to 64 days in February 2027 and 45 days in February 2028. 6-day certificates are already available.

6. Industry distribution is the flattest in our database. No single vertical exceeds 4%, confirming that Let's Encrypt is a utility, not a product.

Sales applications

Outreach template: "Hi [Name], I noticed [Company] runs Let's Encrypt on [subdomain] alongside a paid certificate on your primary domain. Many companies in [industry] are consolidating certificate management to simplify renewals and ensure compliance. Would it help to see how similar organizations handle multi-domain SSL management?"

Targeting strategy: Filter by company size (201+ employees), industry (financial services, healthcare, or government), and geography (US, UK, or Germany). The 3,324 enterprises with 10,001+ employees are the highest-value segment for OV/EV upgrade conversations.

Explore the full Let's Encrypt install base with company-level filtering at TechnologyChecker.io. Our dataset covers 7,662,374 active domains with 3,572,288 enriched companies including industry, size, location, and tech stack data.