Secure website support: Let's Encrypt

Fastmail now integrates Let's Encrypt support to our domain and file hosting features. We will automatically generate a SSL certificate for your domain using Let's Encrypt.

Any website hosted at Fastmail with your custom domain can be secured. In addition, any account administrator can turn on secure website support.

If anyone chooses to access your website, they will be reassured to see their data transmission is protected.

• Why do I need to make my website secure?
• How to secure your website
• Renewing your certificate
• Secure websites for other domains
• Potential DNS errors with Let's Encrypt
• Personal Data

Why do I need to make my website secure?

If a website is secure, it means that all information from the website to your computer is encrypted. This ensures a potential attacker can't steal your information.

HTTPS is the secure version of HTTP. It's the procedure over which data is sent between your browser and the website that you are connected to. The 'S' at the end of HTTPS stands for 'Secure'.

Many browsers show a warning if a website is not secured through HTTPS, which can be alarming to the visitor. Browsers also show padlocks in the URL bar to show that the website is secure. 

To avoid causing alarm or confusion, we recommend that you enable HTTPS on your site.

How to secure your website

To enable Let's Encrypt for your website:

1. Go to Websites while logged into your admin account.
2. Click on the website.
3. Select the HTTPS checkbox.
4. Be sure to click Save.

Renewing your certificate

The certificate is valid for 90 days as per Let's Encrypt policy, but we will renew these automatically after 60 days to ensure that there are no service interruptions.

If we can't create or renew your certificate, we will notify you via email.

Secure websites for other domains

Currently, we're unable to provide certificates for wildcard websites and websites on Fastmail domains (such as fastmail.com).

However, if you're not using your own domain and you've set a password on your site, you can access your files over an encrypted connection using a URL with the following format: https://user.fm/yourusername.fastmail.com/

Potential DNS errors with Let's Encrypt

Please note that Fastmail does not support DNSSEC.

There are two solutions available if you have DNSSEC enabled on your domain:

• Switch your DNS host to one that supports DNSSEC.
• Disable DNSSEC for your domain.

Personal data

Although we set up the certificate on your behalf, the only information we send to Let's Encrypt is your domain name. No other information is shared.