Proton

UPDATE 11 October 2021: We are now using Let’s Encrypt(nouvelle fenêtre) as the Certificate Authority that verifies the SSL certificates used to secure the Proton Mail and Proton VPN web sites. For more information on this, and for instructions on how to check the validity of our certificate, please see Proton Mail’s TLS/SSL Certificate.

Last week, we underwent the process of fortifying our SSL certificates. As part of our effort to provide the highest level of security and privacy to our users, we have upgraded every single certificate that we use.

The new SSL certificates have several marked improvements over the previous ones.

  • All certificates now use the highest strength 4096-bit RSA
  • proton.me now uses an Extended Validation certificate
  • All certificates are now hashed using the stronger SHA256 algorithm


These changes can already be seen when you visit Proton Mail by the presence of a green bar in the URL.

SSLCertBar(nouvelle fenêtre)

Our new certificates are issued by SwissSign(nouvelle fenêtre) which is a wholly owned by Swiss Post, a public institution owned by the Swiss Confederation and not under US or EU control.

In addition to the new certificates, we have also implemented much stronger SSL encryption. The SSL encryption algorithms we support now provide Perfect Forward Secrecy(nouvelle fenêtre) and our servers are now configured to always use the strongest possible encryption for client connections. As a result, Proton Mail is graded A+ on our SSL report.

sslgrade(nouvelle fenêtre)

To learn how to manually verify your connection to Proton Mail to avoid a MITM attack, you can view our knowledge base article on this topic here.

We are committed to your security and privacy online and in the future you can look forward to further improvements.

Articles similaires

A photo icon and synchronization symbol overlaying a cloud, representing automatic photo backup to the cloud
en
See how to back up photos while protecting your privacy using encrypted cloud storage that shields you from scanning, tracking, and profiling.
Learn the best professional email sign-offs, common mistakes to avoid, and real-world examples.
en
Struggling with how to end an email? Learn about the best professional email sign-offs, common mistakes to avoid, and real-world examples.
A phone screen with a speech bubble with a phone number in it
en
Your email address and passwords aren't the only information hackers can use to scam you. Here's what someone can do with your phone number — and how to protect it.
A web application screen with an unlock icon in the bottom right corner
en
Your best defense against a data breach could be improving your web application security: Find out how Proton Pass can help.
Investigative journalist Vegas Tenold explains the gear he uses to protect his privacy and stay safe.
en
  • Actualités vie privée
Follow investigative journalist Vegas Tenold as he explains his gear and how it keeps him safe from surveillance as he works in the field.
Coinbase, the largest Bitcoin exchange in the US, suffered a data breach
en
  • Actualités vie privée
  • Proton Wallet
Coinbase employees sold sensitive personal information to attackers, including government IDs and BTC transaction history. Proton Wallet is built to avoid these risks.