Secure website support: Let's Encrypt

Fastmail now integrates Let's Encrypt support to our domain and file hosting features. We will automatically generate a SSL certificate for your domain using Let's Encrypt.

Any website hosted at Fastmail with your custom domain can be secured. In addition, any account administrator can turn on secure website support.

If anyone chooses to access your website, they will be reassured to see their data transmission is protected.

• Why do I need to make my website secure?
• How to secure your website
• Renewing your certificate
• Secure websites for other domains
• Potential DNS errors with Let's Encrypt
• Personal Data

Why do I need to make my website secure?

If a website is secure, it means that all information from the website to your computer is encrypted. This ensures a potential attacker can't steal your information.

HTTPS is the secure version of HTTP. It's the procedure over which data is sent between your browser and the website that you are connected to. The 'S' at the end of HTTPS stands for 'Secure'.

Many browsers show a warning if a website is not secured through HTTPS, which can be alarming to the visitor. Browsers also show padlocks in the URL bar to show that the website is secure. 

To avoid causing alarm or confusion, we recommend that you enable HTTPS on your site.

How to secure your website

To turn on Let's Encrypt for your website:

1. Go to Websites while logged into your admin account.
2. For existing websites on custom Fastmail hosted domains, select Edit.
3. Check the HTTPS box.
4. Select Save.

Renewing your certificate

The certificate is valid for 90 days, but we will renew these automatically after 60 days to ensure that there are no service interruptions.

If we can't create or renew your certificate, we will e-mail you.

Secure websites for other domains

Currently, we're unable to provide certificates for wildcard websites and websites on Fastmail domains (such as fastmail.com).

However, if you're not using your own domain and you've set a password on your site, you can access your files over an encrypted connection using a URL with the following format: https://user.fm/yourusername.fastmail.com/

Potential DNS errors with Let's Encrypt

Please note that Fastmail does not support DNSSEC.

There are two solutions available if you have DNSSEC enabled on your domain:

• Switch your DNS host to one that supports DNSSEC.

• Disable DNSSEC for your domain.

Personal data

Although we set up the certificate on your behalf, the only information we send to Let's Encrypt is your domain name. No other information is shared.