Let's Encrypt

A while ago the Linux Foundation, EFF, Mozilla and many others started working on a project that would allow any website to enable TLS/SSL encryption. The idea behind the project is twofold: first, to provide simple domain validation certificates free of charge, and second, to make the process as simple as possible. Both of these goals are quite important, and this is the first time anyone has attempted to combine them. The website for the project can be found here.

There have been free domain validation certs before, for example from StartSSL, but they have been quite restrictive and have taken a bit of work to configure. But the biggest problem is usually the inability to get certificates for domains other than a few presets, like www.domain.com.

Also, don't get me wrong about the cost aspect. I'm not at all against paying for identity validation, but most of the time you only need to actually encrypt the traffic, and make sure that it's going to the right place. And if you run one website, the cost is not so much, but if you run tens of experimental or hobby sites, the 50-200€ per site quickly adds up.

But what is almost as important as the cost aspect is the work it takes to set up the certs. It's not hard as such, but it's just hard enough, and you do it seldom enough, that you forget how it was done by the time you need to do it again. There have been tools to help you with this task as well. Some are probably just as simple as Let's Encrypt's tool, but you can't get much simpler, especially if you're running Apache on Linux. It's pretty much just a matter of running one command specifying the domains you want to encrypt. Or if that seems too difficult, just run the command, and it will let you select from all the configured sites.

These certificates are domain validation certificates. That means that the only thing they validate is that you own the domain. This part is completely automated if you are running on Apache and Apache manages the website for the domain. Combined with the fact that both servers and clients are fast enough to do encryption with very little overhead, there is really no reason not to use this. And as you can see if you check, I'm using their certs on this page.

This is a very welcome addition to the world of website security. It is frankly quite absurd that in this day and age the majority of websites don't use encryption for standard traffic. This is something that should be fixed for many reasons, and I personally think that this is a good way to do that.