How do I download my public and private keys?

ProtonMail uses PGP for end-to-end encryption. All users have two encryption keys, one public and one private. The public key can be shared with anyone and is used by your contacts to encrypt their messages to you. The private key is secret (you should never share it) and is used to decrypt incoming messages.

You can download your public and private keys from ProtonMail in order to send PGP encrypted emails to non-ProtonMail users or to use your keys in another PGP client. 

This is an advanced feature for technical users. See How do I upload my backup private keys? for instructions on how to upload PGP keys to ProtonMail. 

How to download your public key

There are two different ways to download your public key depending on how many you have and which one you need.

1. In the web app at mail.protonmail.com, go to Settings > Encryption & keys and scroll down to Email encryption keys.

2. Choose the address for which you want to download the public key from the dropdown menu if it is not already selected.

3. Click Export to automatically export your Primary public key. Or, if you have multiple active public keys, you can click export next to the key you wish to download in the list below. Once you click Export, the file will automatically download in your browser.

Email encryption keys in Protonmail

4. You can also download your own public key or the key of a friend by using this link:

https://api.protonmail.ch/pks/lookup?op=get&search=user.email@protonmail.com

For the link to work, you need to replace [user.email@protonmail.com] with the ProtonMail email address of the appropriate account. You can also quickly share your key with friends by sending them that link with your email address in place of [user.email@protonmail.com].

Once you have placed your ProtonMail address in the link, you can send it to your friend, and with one click they can download your public key.

How to download your private key

1. In the web app at mail.protonmail.com, go to Settings > Encryption & keys and scroll down to Email encryption keys.

2. Choose the address for which you want to download the private key from the dropdown menu if it is not already selected.

3. Click on the dropdown menu labeled Export and select Export private key to download your primary private key. Or select Export private key from the dropdown menu of a specific key if you have multiple key pairs.

4. A pop-up window will ask you to confirm that you wish to download your private key. You will then be asked for your current password, which will be used to decrypt your private key. Then, you will be asked for a new password to encrypt your exported key with. Make sure you keep this password safe, as you will need it to use this key!

Post Comment

15 comments

  1. ernest

    No download on my browser (iPhone).

    Why ?

  2. ProtonMail Support

    Please contact our support team using the support form at https://protonmail.com/support-form.

  3. Wolfgang

    „Trust“ starts with the UPLOAD of the key pair?!?

  4. Hasan

    Not the key pair. You only hand out your PUBLIC key to others. You should never-ever share your private key with anyone, or even transmit it to yourself over an unsecured channel on the Internet. You can share your public key with those who wish to send you encrypted messages. They use your public key to encrypt their messages to you. You can then decrypt those messages using your private key. ProtonMail does this automatically between two ProtonMail users.

  5. Brian

    Is there a way to download the public key of a ProtonMail user so I can send PGP mail in from the outside?

  6. ProtonMail Support

    We have a keyserver running at hkps://api.protonmail.ch (see https://protonmail.com/blog/address-verification-pgp-support/). We also support WKD, which allows other people to find ProtonMail keys using gpg --locate-keys.

  7. Romeo Shamaoun

    greetings
    how are you all? i need to access all my contacts. can you help me, please?
    Thanks.God bless you all

  8. ProtonMail Support

    Please contact our support team: https://protonmail.com/support-form.

  9. Jake

    As the last step outlines, the user is required to set a password to encrypt their private key before exporting. What software should be used to decrypt the ProtonMail public key?

  10. ProtonMail Support

    If you add your private key to another PGP-enabled email client, you will need the password added during export from ProtonMail in order to decrypt the messages in that email client.

  11. Jake

    But which software should be used?

  12. Jake

    Step 5 could do with some elaboration:

    1) What sort of encryption is entailed – OpenPGP?

    2) And the setting of a password for the private key – is this equivalent to setting a passphrase for a private key in Kleopatra or Gnu Privacy Assistance (GPA) ?

  13. ProtonMail Support

    2) Yes, this is the same, meaning that 1) works just like a passphrase does with other PGP solutions.

  14. grady

    If I have someone’s public key in text form, say it is posted somewhere, How do I convert that text to a file that I can then upload and add to that person as a contact.

  15. ProtonMail Support

    If you have the armored text, save it as a .txt file with a text editor, rename it to filename.asc and import that. You should also be able to import it even if you don’t change the extension from .txt to .asc.

Leave A Comment?