ExpressVPN’s Response to the 1024-bit CA Key Blog Post


ExpressVPN is committed to maintaining the privacy and security of our users worldwide. In spite of recent speculation, there is zero evidence or reason to believe that our CA certificates have been breached.

This blog post mentions that ExpressVPN and other providers are still using a 1024-bit CA key for OpenVPN, which many in the community feel no longer meets best practice standards for authentication.

The author points out that we stated a while ago that it is in our backlog to fix and urged us to complete the changeover ASAP. We agree. We have reshuffled tasks to roll out the upgraded CA cert over the next few weeks. (Not to make excuses, but we have a super busy team of engineers!)

The researcher’s blog post only mentions the bit strength of the CA key. It’s important to note that all ExpressVPN OpenVPN servers use 2048-bit keys, and have for some time. Furthermore, for encrypting the network traffic itself, a new key is used for each session to deliver perfect forward secrecy.

We would also like to point out that ExpressVPN has the same challenges providing service to users in China as every other VPN provider, and that the reason we work relatively well in China is because of our active unblocking efforts. Drawing a conclusion that the GFW might be applying specific rules on ExpressVPN’s traffic due to the bit strength of our CA keys is highly speculative and factually unsubstantiated. Furthermore, as the author points out, 1024-bit CA keys are not unique to ExpressVPN.

In summary, we agree that any measures to make our security more bulletproof are measures worth taking. At the same time, we think that there is no reason for our users to worry over alarmist headlines. ExpressVPN is, has been, and will continue to be, committed to keeping the private data of our customers secure.