The Mailfence SSL/TLS Certificate

When accessing any of the Mailfence services, the transmission of data between your device program and our servers in Brussels-Belgium is always encrypted and protected by SSL/TLS – for which each website has a (Public Key) Certificate that is verified by a trusted Certificate Authority (CA).

A modern browser should automatically check the validity of the Mailfence SSL/TLS certificate and alert you if it detects something untrustworthy. In case an adversary succeeds in spoofing Mailfence (using a rogue SSL/TLS certificate), you will still be able to detect such an (AiTM) attack by manually checking Mailfence SSL/TLS certificate fingerprints.

The Mailfence SSL/TLS certificate fingerprints [valid until May 5th, 2025, 10:35 AM (Central European Summer Time)] are:

SHA1 fingerprint:

2D:DD:00:56:9E:11:80:71:EE:00:D1:F9:DE:71:63:FF:68:96:C8:88

SHA-256 fingerprint:

37:05:CF:EB:6B:5C:BA:F1:9D:2F:1E:39:BA:2F:5E:8F:54:2F:5A:ED:8B:55:DC:FB:69:52:98:A4:F2:8D:8B:A6

If this matches what you see in your browser, then you know you are communicating with the right Mailfence website/service and using the correct public key to encrypt your sensitive information and only Mailfence can decrypt it.

Last updated: February 2025
Next update date: May 2025

Guidelines:

• For Chrome:
  1. Click on the green padlock in the address bar.
  2. Click on the Certificate.
  3. In General, verify that the Fingerprints (SHA1 & SHA-256) matches the one’s above.
     
• For Firefox:
  1. Click on the lock button in front of the URL and click on the Arrow on the right side of the dropdown.
  2. Click on Connection Secure.
  3. Click on More Information.
  4. Go to Security and click on View Certificate.
  5. Verify that the Fingerprints (SHA1 & SHA-256) matches the one’s above.
     
• For Safari:
  1. Click on the lock button in front of the URL.
  2. Select Show Certificate, in Details scroll to the bottom of the page.
  3. Verify that the Fingerprints (SHA1 & SHA-256) matches the one’s above.

Note: Make sure, in your browser, you are looking at the leaf certificate (mailfence.com, *.mailfence.com). This certificate does not cover blog.mailfence.com and kb.mailfence.com domain names.

For further assistance, feel free to drop us an email at support@mailfence.com

At Mailfence – a secure and private email service, we believe in following good security practices, to contribute in providing you a secure and private email solution. Learn more about who we are.