The Mailfence SSL/TLS Certificate

ssl-tls-certificate

When accessing mailfence.com, the transmission of information between your browsers and our servers in Brussels-Belgium is always encrypted and protected by SSL/TLS – for which each website has a Public Key Certificate that is verified by a trusted certificate authority.

Mailfence has no American company in its SSL/TLS certification chain and the one which vouches for us is Keynetics (presently called https://www.opentrust.com/).

A modern browser should automatically check the validity of the Mailfence SSL/TLS certificate and alert you if it detects something untrustworthy.  For security conscious users who want to manually check, our SSL/TLS certificate fingerprints/thumbprints (valid until 13/05/‎2018) are:

SHA1 fingerprint:

dd:25:6f:c4:b6:29:e6:8f:a9:d2:19:f6:c2:4b:9c:15:ea:79:5e:90

SHA-256 fingerprint:

e7:68:06:a0:be:08:d6:92:59:af:21:86:39:df:23:17:60:45:54:4a:d8:a2:a7:e0:57:5c:45:aa:1d:57:21:85

If this matches what you see in your browser, then you know you are communicating with the real Mailfence website and using the correct public key to encrypt your sensitive information and only Mailfence can decrypt it.

 

Guidelines:

  • For Chrome:
    1. Click on the lock button in front of the URL.
    2. Go to Details and click on View Certificate.
    3.  In Details tab, show All and verify the Thumbprint (SHA1) matches the one above.
  • For Firefox:
    1. Click on the lock button in front of the URL and click on More Information.
    2. Go to Security and click on View Certificate.
    3. In General, verify the Fingerprints (SHA1 & SHA-256) matches the one’s above.
  • For Safari:
    1. Click on the lock button in front of the URL.
    2. Select Show Certificate, in Details scroll to the bottom of the page and verify the Fingerprints (SHA1) matches the one above.

Note:  Make sure you are looking at the certificate for *.mailfence.com

For further assistance, feel free to drop us an email at support@mailfence.com

Reclaim your email privacy!

Follow us on twitter/reddit and keep yourself posted at all times.

– Mailfence Team


Spread the word !

M Salman Nadeem

Information Security Analyst - Security Team | Mailfence

You may also like...

3 Responses

  1. June 28, 2016

    […] The Mailfence SSL/TLS Certificate June 10, 2016 […]

  2. October 24, 2016

    […] is a service without advertising or backdoors. It is safely hosted in Belgium and uses a non-US SSL/TLS certificate.  We provide end-to-end encryption which makes eavesdropping impossible and renders intercepted […]

  3. November 18, 2016

    […] is a service without advertising or backdoors. It is safely hosted in Belgium and uses a non-US SSL/TLS certificate.  We provide end-to-end encryption which makes eavesdropping impossible and renders intercepted […]

Leave a Reply

Your email address will not be published. Required fields are marked *