/jump to repo

Repos Recent Bookmarks Watched Notes Tags Discover Compare Stats GitHub

Repository brief

certbot/certbot

Read the upstream summary on the left, browse the cached forks below it, and load each fork comparison into the right-hand panel.

Cached analysis

cached 2026-03-30T20:04:59.980Z

1mo ago

certbot/certbot

Certbot/certbot is EFF’s actively maintained ACME client for obtaining Let’s Encrypt certificates and optionally auto-enabling HTTPS, with support for other ACME-compatible CAs. It is a large, mature repository with 32,941 stars, 3,498 forks, and recent activity as of 2026-03-27.

Loading tags...

Stars32,941

Forks3,498

Default branchmain

Last pushed2026-03-27T21:38:12Z

Recommended shortcuts

Jump straight into Discofork's strongest cached fork picks, or open a compare view in one click.

Forks

Choose a fork to inspect

10 of 10 fork briefs

Maintenance:

Magnitude:

Sort:

Selected

Choose this fork only if your goal is to mine an early IIS/Windows porting effort. For active certificate automation, upstream Certbot is the clearly safer and more complete base.

Prefer this fork only if you specifically need its legacy Apache/Debian automation or want an old Certbot-era codebase. For new deployments, upstream Certbot is the safer choice because this fork is stale, substantially divergent, and behind on maintenance.

Choose this fork only if you need the old legacy Lets Encrypt client shape. For anyone wanting an actively maintained ACME client, the upstream Certbot project is the safer default.

Choose this fork only if you want a near-zero-modification copy of Certbot; otherwise upstream is likely the better default because it is current and this fork adds no visible capabilities.

Prefer upstream unless you specifically need this 2020-era fork’s packaging and installer changes. For production ACME use, the fork is too stale and too far behind to be a good default choice.

Choose upstream unless you specifically need the legacy auto-installer or old packaging behavior. This fork looks like a frozen, highly customized 2019 snapshot rather than a safe substitute for active Certbot maintenance.

Prefer upstream unless you specifically need legacy Certbot internals or old installer behavior. For new adopters, this fork looks too stale and too far behind to be a practical base.

Choose this fork only if BIG-IP support is the main requirement. For general Certbot use, upstream is the better choice because this fork is old, highly divergent, and inactive.

Choose this fork if your goal is to monetize or control AI scraping at the HTTP edge. Do not choose it if you need a maintained ACME certificate client; this fork is a substantial product rewrite with different operational goals.

Choose this fork only if you need its legacy installer and workflow changes. If you want current Certbot behavior, active upstream maintenance, and the latest plugin/integration changes, upstream is the safer default.

Fork comparison

felixrieseberg/lets-encrypt-preview

38/100

stale

significant_divergence

Choose this fork only if your goal is to mine an early IIS/Windows porting effort. For active certificate automation, upstream Certbot is the clearly safer and more complete base.

Likely purpose

Port Certbot to a Windows/IIS workflow, with installer/bootstrapper support and Windows dependency/setup changes, while reshaping the codebase far away from upstream.

Best for

Teams evaluating old IIS/Windows Let’s Encrypt experiments; Maintainers looking for historical implementation ideas for Windows certificate automation; Users who need a reference for how Certbot was adapted to IIS, not a production-ready current client

Additional features

IIS-oriented support for getting Let’s Encrypt certificates on Windows servers
Windows bootstrapper and setup changes, including VCPython and Swig installation work
Development/runtime packaging changes for Docker and Vagrant workflows
Fork-specific packaging and dependency adjustments for a Windows preview environment
Expands API, schema, or SDK surface area for downstream integrations and generated clients.
Adds plugin, tool, or MCP-style extensibility beyond the upstream baseline.

Missing features

Far behind upstream Certbot, with 368 upstream commits missing and no activity since 2015-06-17
Likely missing the modern upstream plugin/integration set and current release improvements from Certbot 5.x
Upstream Apache/Nginx integration and current maintenance work are not reflected in this fork
The fork appears to have removed or heavily rewritten large portions of core Certbot logic, making upstream behavior harder to rely on
It trails upstream by 368 commits, so some recent upstream features and fixes are likely not present yet.

Strengths

Useful if you specifically need a historical IIS/Windows preview of Let’s Encrypt support
Shows explicit work on Windows installer/bootstrapper plumbing
Large divergence suggests the fork was opinionated for its target platform rather than a thin patch set

Risks

Very stale maintenance makes it a poor choice for security-sensitive certificate automation today
Large code drift and massive deletions imply high merge pain and unknown behavioral regressions
Being 368 commits behind upstream means missing many years of fixes and improvements
The fork’s value is likely historical unless you need the exact IIS experiment