The Mailfence SSL/TLS Certificate

When accessing any of the Mailfence services, the transmission of data between your device program and our servers in Brussels-Belgium is always encrypted and protected by SSL/TLS – for which each website has a (Public Key) Certificate that is verified by a trusted Certificate Authority (CA).

SSL certificate mailfence.com

A modern browser should automatically check the validity of the Mailfence SSL/TLS certificate and alert you if it detects something untrustworthy. In case an adversary succeeds in spoofing Mailfence (using a rogue SSL/TLS certificate), you will still be able to detect such an (AiTM) attack by manually checking Mailfence SSL/TLS certificate fingerprints.

The Mailfence SSL/TLS certificate fingerprints [valid until October 2nd 2022, 08:40 AM (Central European Summer Time)] are:

SHA1 fingerprint:

B7:F2:67:28:F9:52:05:14:37:BE:D3:28:B3:33:9C:C3:8F:4C:12:6B

SHA-256 fingerprint:

26:97:C8:CE:17:DB:4E:E8:AF:5D:BA:EE:CE:C1:B3:34:05:C3:73:C4:1B:F3:A6:D6:1F:64:A1:E1:6C:8E:36:4D

If this matches what you see in your browser, then you know you are communicating with the right Mailfence website/service and using the correct public key to encrypt your sensitive information and only Mailfence can decrypt it.

Last updated: July, 20th 2022
Next update date: October 2nd 2022

Guidelines:

  • For Chrome:
    1. Click on the green padlock in the address bar.
    2. Click on the Certificate.
    3. In General, verify that the Fingerprints (SHA1 & SHA-256) matches the one’s above.
  • For Firefox:
    1. Click on the lock button in front of the URL and click on the Arrow on the right side of the dropdown.
    2. Click on Connection Secure.
    3. Click on More Information.
    4. Go to Security and click on View Certificate.
    5. Verify that the Fingerprints (SHA1 & SHA-256) matches the one’s above.
  • For Safari:
    1. Click on the lock button in front of the URL.
    2. Select Show Certificate, in Details scroll to the bottom of the page.
    3. Verify that the Fingerprints (SHA1 & SHA-256) matches the one’s above.

Note: Make sure, in your browser, you are looking at the leaf certificate (mailfence.com, *.mailfence.com). This certificate does not cover blog.mailfence.com and kb.mailfence.com domain names.

For further assistance, feel free to drop us an email at support@mailfence.com

Get your secure email

At Mailfence – a secure and private email service, we believe in following good security practices, to contribute in providing you a secure and private email solution.

Follow us on twitter/reddit and keep yourself posted at all times.

– Mailfence Team

Avatar for M Salman Nadeem

M Salman Nadeem

Salman works as an Information security analyst for Mailfence. His areas of interests include cryptography, security architecture and design, access control and operations security. You can follow him on LinkedIn @mohammadsalmannadeem

You may also like...