|Certificate authority||Features||Limitations||Client support|
|DigiCert (soon to be )||RSA and ECDSA certificates|
Supports of 14, 30, and 90 days
|Let’s Encrypt||RSA and ECDSA certificates|
Supports of 90 days.
valid for 7 days.
|Hostname on certificate must contain 10 or less levels of subdomains|
|Google Trust Services||RSA certificates|
Supports of 14, 30, and 90 days.
valid for 14 days.
|ECDSA certificates and Punycode domains are not yet supported.||Currently trusted by Microsoft, Mozilla, Safari, Cisco, Oracle Java, and Qihoo’s 360 browser. All browsers or operating systems that depend on these root programs are covered.|
In addition, some of Google Trust Services' root CAs may rely on a cross-signature to ensure optimal support across a wide range of devices.