When accessing any of the Mailfence services, the transmission of data between your device program and our servers in Brussels-Belgium is always encrypted and protected by SSL/TLS – for which each website has a (Public Key) Certificate that is verified by a trusted Certificate Authority (CA).

A modern browser should automatically check the validity of the Mailfence SSL/TLS certificate and alert you if it detects something untrustworthy. In case an adversary succeeds in spoofing Mailfence (using a rogue SSL/TLS certificate), you will still be able to detect such an (AiTM) attack by manually checking Mailfence SSL/TLS certificate fingerprints.
The Mailfence SSL/TLS certificate fingerprints [valid until July 31st, 2025, 8:25 AM (Central European Summer Time)] are:
SHA1 fingerprint:
61:1F:D7:B0:0A:89:62:5C:43:AA:B2:9F:E7:30:E9:CA:6F:3C:28:AC
SHA-256 fingerprint:
6A:6E:B4:75:42:BC:49:2A:51:1B:9E:B3:5E:E8:85:22:DF:A3:04:41:9F:31:9A:A2:F8:8E:50:1A:18:54:05:47
If this matches what you see in your browser, then you know you are communicating with the right Mailfence website/service and using the correct public key to encrypt your sensitive information and only Mailfence can decrypt it.
Last updated: May 2025
Next update date: July 2025
Guidelines:
- For Chrome:
- Click on the green padlock in the address bar.
- Click on the Certificate.
- In General, verify that the Fingerprints (SHA1 & SHA-256) matches the one’s above.
- For Firefox:
- Click on the lock button in front of the URL and click on the Arrow on the right side of the dropdown.
- Click on Connection Secure.
- Click on More Information.
- Go to Security and click on View Certificate.
- Verify that the Fingerprints (SHA1 & SHA-256) matches the one’s above.
- For Safari:
- Click on the lock button in front of the URL.
- Select Show Certificate, in Details scroll to the bottom of the page.
- Verify that the Fingerprints (SHA1 & SHA-256) matches the one’s above.
Note: Make sure, in your browser, you are looking at the leaf certificate (mailfence.com, *.mailfence.com). This certificate does not cover blog.mailfence.com and kb.mailfence.com domain names.
For further assistance, feel free to drop us an email at support@mailfence.com
At Mailfence – a secure and private email service, we believe in following good security practices, to contribute in providing you a secure and private email solution. Learn more about who we are.