Mailfence Blog

Mailfence Blog. Get the latest news about secure email and Internet privacy.

The Mailfence SSL/TLS Certificate

by · Published · Updated

When accessing any of the Mailfence services, the transmission of data between your device program and our servers in Brussels-Belgium is always encrypted and protected by SSL/TLS – for which each website has a (Public Key) Certificate that is verified by a trusted Certificate Authority (CA).

A modern browser should automatically check the validity of the Mailfence SSL/TLS certificate and alert you if it detects something untrustworthy. In case an adversary succeeds in spoofing Mailfence (using a rogue SSL/TLS certificate), you will still be able to detect such an (AiTM) attack by manually checking Mailfence SSL/TLS certificate fingerprints.

Mailfence_SSL_TLS

The Mailfence SSL/TLS certificate fingerprints [valid until December 6th, 2023, 13:48 GMT] are:

SHA1 fingerprint:

B4:1B:3A:9E:54:4D:C0:88:7E:CF:24:BF:B0:1B:59:EE:CC:97:29:31

SHA-256 fingerprint:

2B:4F:E4:D6:22:0F:B7:3B:BB:3F:14:50:55:D0:F5:17:EC:39:9B:85:DF:28:4B:63:C2:37:C7:0B:2B:5D:DD:88

If this matches what you see in your browser, then you know you are communicating with the right Mailfence website/service and using the correct public key to encrypt your sensitive information and only Mailfence can decrypt it.

Last updated: September 2023
Next update date: December 2023

Guidelines:

  • For Chrome:
    1. Click on the green padlock in the address bar.
    2. Click on the Certificate.
    3. In General, verify that the Fingerprints (SHA1 & SHA-256) matches the one’s above.
  • For Firefox:
    1. Click on the lock button in front of the URL and click on the Arrow on the right side of the dropdown.
    2. Click on Connection Secure.
    3. Click on More Information.
    4. Go to Security and click on View Certificate.
    5. Verify that the Fingerprints (SHA1 & SHA-256) matches the one’s above.
  • For Safari:
    1. Click on the lock button in front of the URL.
    2. Select Show Certificate, in Details scroll to the bottom of the page.
    3. Verify that the Fingerprints (SHA1 & SHA-256) matches the one’s above.

Note: Make sure, in your browser, you are looking at the leaf certificate (mailfence.com, *.mailfence.com). This certificate does not cover blog.mailfence.com and kb.mailfence.com domain names.

For further assistance, feel free to drop us an email at support@mailfence.com

Get your secure email

At Mailfence – a secure and private email service, we believe in following good security practices, to contribute in providing you a secure and private email solution. Learn more about who we are.

Tags:

You may also like...