In a nutshell, Certbot is a tool for getting certificates from the Let’s Encrypt certificate authority (CA) and configuring your web server to encrypt users’ connections to your website with Let’s Encrypt certificates.
But there’s more to it: Certbot is an easy-to-use automatic client that fetches and deploys SSL/TLS certificates for your webserver. Developed by EFF and others as a client for the Let’s Encrypt certificate authority, Certbot is the most extensive client, will also work with any other CAs that support the ACME protocol, and can automatically configure your webserver to start serving over HTTPS immediately.
Certbot can provide easy set up of HTTPS for most websites. This allows a website to be safe from man-in-the-middle from malicious captive portals or ISPs, and hides the contents of the visited sites from anyone between you and the site. To see what information HTTPS protects check out this useful infographic.
Certbot is part of EFF’s larger effort to encrypt the entire Internet. Websites need to use HTTPS to secure the web. Along with HTTPS Everywhere, Certbot aims to build a network that is more structurally private, safe, and protected against censorship. So far Let’s Encrypt has 30 million certificates in circulation, and the majority, 51%, of page loads are done of HTTPS – but we still have a ways to go before we can see our dream of an entirely encrypted web.