ProtonMail Upgrades SSL Certificates

UPDATE 11 October 2021: We are now using Let’s Encrypt as the Certificate Authority that verifies the SSL certificates used to secure the ProtonMail and ProtonVPN web sites. For more information on this, and for instructions on how to check the validity of our certificate, please see ProtonMail’s TLS/SSL Certificate.

Last week, we underwent the process of fortifying our SSL certificates. As part of our effort to provide the highest level of security and privacy to our users, we have upgraded every single certificate that we use.

The new SSL certificates have several marked improvements over the previous ones.

  • All certificates now use the highest strength 4096-bit RSA
  • protonmail.ch now uses an Extended Validation certificate
  • All certificates are now hashed using the stronger SHA256 algorithm


These changes can already be seen when you visit ProtonMail by the presence of a green bar in the URL.

SSLCertBar

Our new certificates are issued by SwissSign which is a wholly owned by Swiss Post, a public institution owned by the Swiss Confederation and not under US or EU control.

In addition to the new certificates, we have also implemented much stronger SSL encryption. The SSL encryption algorithms we support now provide Perfect Forward Secrecy and our servers are now configured to always use the strongest possible encryption for client connections. As a result, ProtonMail is graded A+ on our SSL report.

sslgrade

To learn how to manually verify your connection to ProtonMail to avoid a MITM attack, you can view our knowledge base article on this topic here.

We are committed to your security and privacy online and in the future you can look forward to further improvements.

Best Regards,
The ProtonMail Team

About the Author

Andy Yen

Andy is the Founder and CEO of Proton, the company behind ProtonMail and ProtonVPN. He is a long time advocate of privacy rights and has spoken at TED, SXSW, and the Asian Investigative Journalism Conference about online privacy issues. Previously, Andy was a research scientist at CERN and has a PhD in Particle Physics from Harvard University. You can watch his TED talk online to learn more about our mission.