TLS/SSL Certificates¶
To secure our services (e.g., HTTPS for web sites or SMTP and IMAP on the mail server) we employ two types of TLS/SSL certificates:
- Commercial certificates signed by DigiCert Inc
- (Old) Commercial certificates signed by QuoVadis CA
- Free and open certificates signed by Let's Encrypt
In the past some of our services/sites used CAcert or self-signed certificates. These should not be in use anymore. If we missed one in our checks or should you encounter any security errors, please contact us.
Directory service (LDAP)¶
Our LDAP data is only accessible through an encrypted connection using TLS v1.2 or GSSAPI (Kerberos 5) to ensure the security and privacy of our users. Refer to ldap for TLS certificate trust and configuration details.