Author Archives: Alexander Bahlo

European Data Protection Day and Data Privacy Day

Today we celebrate the European Data Protection Day founded by the Council of Europe (CoE) and the Data Privacy Day in the United States and Canada. We want to raise awareness of data protection and the right to privacy. At CAcert we provide you digital certificates with which you can protect your private data for example by encrypting your mails. To use them you must offer CAcert some of your data, but in order to protect your privacy, we ask you for fewest data possible and we have strict rules how to handle personal data.

Feel secured with CAcert and choose “I have nothing to hide … except for my privacy.”

CAcert and secure-u at Froscon 2019

The open-source fair FrOSCon open its doors on August, 10th + 11st, and of course, CAcert is present!

On the annual FrOSCon event CAcert is present, willing to assure members and to have nice talks to the public. We are very pleased to take part in an event targeted on free software and open source. FrOSCon takes place at Hochschule Bonn-Rhein-Sieg in Sankt Augustin, near Cologne (Köln). We’re happy to welcome you there and enjoy nice talks about securing yourself on the Internet.

If you want to be part of the events-team at FrOSCon feel free to add yourself to our wiki page.

This year CAcert will have it’s stand together with secure-u, who support CAcert for years.


Die Open-Source Messe FrOSCon öffnet dieses Jahr am 10. und 11. August ihre Pforten. Natürlich darf CAcert nicht fehlen!

Auf der jährlichen FrOSCon-Messe treffen sich CAcert-Assurer und Community-Mitglieder. Wir freuen uns auf Erfahrungsaustausch und Gespräche bei einer Messe, die sich an freie und offene Software richtet. Die FrOSCon findet in der Hochschule Bonn-Rhein-Sieg in Sankt Augustin, nahe Köln statt.

Wenn ihr mithelfen wollt, tragt euch doch bitte in unser Wiki ein.

CAcert wird seinen Stand zusammen mit secure-u einrichten, einem Verein, der CAcert schon viele Jahre unterstützt.

CAcert at FrOSCon 2019


As of now, prospective Assurers can also take the Assurer test CATS in Czech. This is an important step towards vulgarizing of the Web of Trust and CAcert’s efforts to increase security on the Internet.

CAcert offers free certificates that can be used for digital signatures, phishing prophylaxis, login or encryption. In order for their own name to be included in the certificate, each user must first meet and identify themselves with at least two Assurers of the Web of Trust. CATS is an important part of Assurer training, explains Bernhard Fröhlich, responsible for training courses. Experience shows that acceptance and the success rate are higher if a course can be completed in one’s own language. Currently CATS can be completed in Czech, German and English.

CAcert 2017

February brought the start of the exhibition season for CAcert with our presence at FOSDEM – one of the biggest Europe-wide developer conferences in Brussels, Belgium. Of course we performed our well-known assurances, which is very popular at such events, with which CAcert safeguards its certificates by checking users’ ID documents. This allows us to offer a safe and trustworthy certificate authority to our users. Of particular note was that interested people were seeking more detailed information about security – questions such as what it actually means, and why are we not yet in the trust stores of many of the web browsers. It’s true that Let’s encrypt is trusted by the popular browsers, but if you take a close look at the certificate of a site protected with a Let’s encrypt certificate, you will find out that it does not contain any information about the owner. This means it is impossible to verify the identity of the site and therefore it is basically uncertain to which site the browser is actually connected to. CAcert allows the site owner to publish identification information in the certificate after the assurance – for private users as well as for companies. This way, CAcert offers a clear mutual trust, which makes it worth importing the CAcert-Root-certificate from

But there’s more: CAcert offers client certificates as well and signs GPG/PGP keys. Anyone who always wanted to sign his emails and encrypt them if needed, can do this easily with CAcert. Most email clients supports S/MIME certificates or PGP. By this means the authenticity of the sender is verified, and the receipient can verify the name of the certificate owner. Also attachments like PDF can be signed this way and protect the document against later changes.

CAcert is supported by an Australian non-profit association, the operation of the server is safeguarded by the German incorporated society secure-u. This structure has advantages, but the Australian society is possible only as long as CAcert has at least three Australian residents as members of the board. In 2017 we want to bring the association behind the web of trust to Europe. This limits the resources of many of the active members, because the handover must be done under appropriate rules. Anyone who wants to support CAcert can find more details at recent blog post “Prosit 2017” or can send an e-mail to

For a secure 2017!
Your CAcert

CAcert @ OpenRheinRuhr, Oberhausen, DE

Die OpenRheinRuhr in Oberhausen öffnet am Wochenende 5./6. November wieder ihre Tore für freie Software. Die Veranstaltung im Rheinischen Industriemuseum ist perfekt erreichbar direkt am Hauptbahnhof in Oberhausen.

CAcert ist natürlich dabei und informiert vor Ort über Risiken im Internet und Möglichkeiten, die Sicherheit deutlich zu erhöhen. Jeder Interessierte kann sich am Stand von CAcert über kostenfreien Zertifikate, darunter SSL-Serverzertifikate und Client-Zertifikate für sichere E-Mail-Kommunikation informieren. Dazu gibt es wieder spannende Gespräche über die Aktivitäten von CAcert und die Ausblicke für die Zukunft. Aktive Mitglieder sind gerne gesehen, Fragen werden sehr gerne beantwortet.


On the week-end November, 5th and 6th, the OpenRheinRuhr in Oberhausen open its doors. It is an ideal platform to get informed about free software – and of course CAcert will attend. The fair takes place in the Rheinisches Industriemuseum directly located at the central station of Oberhausen.

CAcert informs about risks on the internet and shows opportunities to increase safety considerably. Who wants to get informed about free certificates, e.g. SSL-Server certificates, or client certificates for secure e-mail communication is invited to meet CAcert staff for discussion on CAcerts’ OpenRheinRuhr booth. Additionally we are expecting exciting talks about the activities of CAcert and future prospects. Active members are welcome, questions will be answered gladly.

CAcert @ FrOSCon 2016

CAcert was present this week-end at FrOSCon in Sankt Augustin, near Köln/Bonn with a shared booth with secure-u, and was delighted to talk to everybody. We received a lot of feedback and we welcome everybody to meet each other at one of the CAcert events to talk to each other personally.CAcert and secure-u at FrOSCon 11 in 2016

CAcert @ FrOSCon 11

FrOSCon open its doors on August, 20th + 21st, and of course, CAcert is present!

On the annual FrOSCon event CAcert is present, willing to assure members and to have nice talks to the public. We are very pleased to take part in an event targeted on free software and open source. FrOSCon takes place at Hochschule Bonn-Rhein-Sieg in Sankt Augustin, near Cologne (Köln). We’re happy to welcome you there and enjoy nice talks about securing yourself on the Internet.

CAcert at LinuxTag 2014 in Berlin, Germany

This years’ LinuxTag goes from may, 8th till 10th. Main topics this year are professional working with Linux and OpenSource, mobile devices and security. For the first time, it takes place in the STATION, quite in the center of Berlin at Gleisdreieck. Our booth is located in hall 6.

We’re pleased to talk to customers, to CAcert community members, Assurers and networkers for information exchange and knowledge transfer. And we’re liking to take the chance to talk about recent development at CAcert.

CAcert with new signature algorithm

From now on, certificates from CAcert are signed with SHA512 as signature hashing algorithm. Doing so, CAcert improves the security of newly issued certificates over the previously used, usual standard in the industry for certificate authorities. Formerly created certificates remain valid of course. Due to limitations in Microsoft Windows XP without Service Pack 3 the new signatures cannot be validated there. An update to at least Microsoft Windows XP with Service Pack 3 or better (e.g. Linux) eliminates this limitation.

CAcert cracks record of issuing 1 million certificates

The community-based certificate authority CAcert issues the 1 millionth certificate.

In the time of insecurity protection of data privacy is particularly important. The best data protection starts where no more data than necessary for service delivery is stored. This is a basic principle for the activity of CAcert. In doing so CAcert performs all important services of commercial vendors: server certificates for protecting web and email connections, client certificates for signing and easy and at the same time effective encryption of email, for authentication and for code signing are certificate options CAcert offers for everybody.

This includes the great work of the community. They help CAcert to issue certificates free of charge and to be an extremely successful internationally active certificate authority. Right now CAcert has issued its 1 millionth certificate with helps users all over the world protecting their sensitive data.