Secure website support: Let's Encrypt

What makes a website secure and why do I need it?

If a website is secure, it means that all information from the website to your computer is encrypted. This ensures a potential attacker can't steal your information.

HTTPS is the secure version of HTTP. It's the procedure over which data is sent between your browser and the website that you are connected to. The 'S' at the end of HTTPS stands for 'Secure'.

Some browsers warn visitors if the website they are viewing is not secured through HTTPS. This can be alarming to visitors, and is a good reason to enable HTTPS on your site.

Browsers also show padlocks in the url bar to show that the website is secure. We do the same thing when you log into Fastmail. Check the address bar for the green padlock badge with the text Fastmail Pty Ltd.

Secure website support for custom domains

Fastmail now integrates Let's Encrypt support to our domain and file hosting features. We will automatically generate a SSL certificate for your domain using Let's Encrypt.

Any website hosted at Fastmail, with your custom domain, can be secured. In addition, any account administrator can turn on secure website support.

If anyone chooses to access your website, they will be safe in the knowledge that their data transmission is protected.

You can find more information on how to use Let's Encrypt for your website below:

How to secure your website

To turn on Let's Encrypt for your website:

1. Go to Websites while logged into your admin account

2. For exisiting websites on custom Fastmail hosted domains, select Edit

3. Check the HTTPS box

4. Select Save.

create website screen

Note: For newly created websites, select the HTTPS checkbox when setting up.

Renewing your certificate

The certificate is valid for 90 days, but we will renew these automatically after 60 days to ensure that there are no service interruptions.

Secure websites for other domains

Currently we're unable to provide certificates for wildcard websites and websites on Fastmail domains (such as fastmail.com). However, if you're not using your own domain and you've set a password on your site, you can access your files over an encrypted connection. This can be done by using the special address of the form below:

https://user.fm/yourusername.fastmail.com/ 

If we can't create or renew your certificate, we will e-mail you.

Potential DNS errors with Let's Encrypt

Note: As a DNS host, Fastmail does not support DNSSEC.

There are two solutions available if you have DNSSEC enabled on your domain:

  1. Switch your DNS host to one that supports DNSSEC.

  2. Disable DNSSEC for your domain.

Personal Data

Although we set up the certificate on your behalf, the only information we send to Let's Encrypt is your domain name: no other information is shared.