Proton Mail Upgrades SSL Certificates

Andy Yen

Share this page

UPDATE 11 October 2021: We are now using Let’s Encrypt(new window) as the Certificate Authority that verifies the SSL certificates used to secure the Proton Mail and Proton VPN web sites. For more information on this, and for instructions on how to check the validity of our certificate, please see Proton Mail’s TLS/SSL Certificate(new window).

Last week, we underwent the process of fortifying our SSL certificates. As part of our effort to provide the highest level of security and privacy to our users, we have upgraded every single certificate that we use.

The new SSL certificates have several marked improvements over the previous ones.

  • All certificates now use the highest strength 4096-bit RSA
  • proton.me now uses an Extended Validation certificate
  • All certificates are now hashed using the stronger SHA256 algorithm


These changes can already be seen when you visit Proton Mail by the presence of a green bar in the URL.

(new window)

Our new certificates are issued by SwissSign(new window) which is a wholly owned by Swiss Post, a public institution owned by the Swiss Confederation and not under US or EU control.

In addition to the new certificates, we have also implemented much stronger SSL encryption. The SSL encryption algorithms we support now provide Perfect Forward Secrecy(new window) and our servers are now configured to always use the strongest possible encryption for client connections. As a result, Proton Mail is graded A+ on our SSL report.

(new window)

To learn how to manually verify your connection to Proton Mail to avoid a MITM attack(new window), you can view our knowledge base article on this topic here(new window).

We are committed to your security and privacy online and in the future you can look forward to further improvements.

Protect your privacy with Proton
Get a free account

Share this page

Andy Yen

Andy is the founder and CEO of Proton. He is a long-time advocate for privacy rights and has spoken at TED, Web Summit, and the United Nations about online privacy issues. Previously, Andy was a research scientist at CERN and has a PhD in particle physics from Harvard University.

Related articles

From having too many inboxes to manage to switching to a new email provider, there are many reasons why you’d want to delete your Gmail account. You might even be concerned that Google is abusing your privacy. Thankfully, you can delete your Gmail a
The first month of 2023 has brought brutal layoffs from Big Tech, a potential ban of TikTok in the US, and another Twitter breach. But the biggest development of this new year has to be the ascent of ChatGPT.  The chatbot can produce remarkably huma
Hackers were able to steal account details from over 200 million Twitter users and posted the database on a hacking forum in early January 2023. These details include users’ email addresses and Twitter handles, allowing people to potentially identify
From your online shopping receipts to financial statements, your emails contain a great deal of sensitive information about your life, interests, and daily schedule. If you’re concerned about your online privacy, it’s therefore vital to keep your inb
At Proton, we’re committed to building privacy-focused products that are convenient to use and improve your productivity. Last year, we released the new mobile apps for Proton Calendar and Proton Drive, letting you manage your schedule and upload imp
Most email services aren’t secure and limit attachment file sizes, but there are ways to send large files securely. If you’ve ever tried attaching multiple images or video files to an email, you’ll know that it doesn’t always work. We explain ways t