This bug requests inclusion in the NSS root store of the following root certificates owned by Google Trust Services LLC. Please replace the existing version of these root certificates that are currently in NSS, with these new root certificates. Friendly Name: GlobalSign Cert Location: https://pki.goog/repo/certs/gsr4.pem SHA-256 Fingerprint: B085D70B964F191A73E4AF0D54AE7A0E07AAFDAF9B71DD0862138AB7325A24A2 Trust Flags: Email; Websites Test URL: https://good.gsr4demo.pki.goog/ **Replaces Existing GlobalSign with SHA-256 Fingerprint:** BEC94911C2955676DB6C0A550986D76E3BA005667C442C9762B4FBB773DE228C Friendly Name: GTS Root R1 Cert Location: https://pki.goog/repo/certs/gtsr1.pem SHA-256 Fingerprint: D947432ABDE7B7FA90FC2E6B59101B1280E0E1C7E4E40FA3C6887FFF57A7F4CF Trust Flags: Email; Websites Test URL: https://good.r1demo.pki.goog/ **Replaces Existing GTS Root R1 with SHA-256 Fingerprint:** 2A575471E31340BC21581CBD2CF13E158463203ECE94BCF9D3CC196BF09A5472 Friendly Name: GTS Root R2 Cert Location: https://pki.goog/repo/certs/gtsr2.pem SHA-1 Fingerprint: 9A44497632DBDEFAD0BCFB5A7B17BD9E56092494 SHA-256 Fingerprint: 8D25CD97229DBF70356BDA4EB3CC734031E24CF00FAFCFD32DC76EB5841C7EA8 Trust Flags: Email; Websites Test URL: https://good.r2demo.pki.goog/ **Replaces Existing GTS Root R2 with SHA-256 Fingerprint:** C45D7BB08E6D67E62E4235110B564E5F78FD92EF058C840AEA4E6455D7585C60 Friendly Name: GTS Root R3 Cert Location: https://pki.goog/repo/certs/gtsr3.pem SHA-256 Fingerprint: 34D8A73EE208D9BCDB0D956520934B4E40E69482596E8B6F73C8426B010A6F48 Trust Flags: Email; Websites Test URL: https://good.r3demo.pki.goog/ **Replaces Existing GTS Root R3 with SHA-256 Fingerprint:** 15D5B8774619EA7D54CE1CA6D0B0C403E037A917F131E8A04E1E6B7A71BABCE5 Friendly Name: GTS Root R4 Cert Location: https://pki.goog/repo/certs/gtsr4.pem SHA-256 Fingerprint: 349DFA4058C5E263123B398AE795573C4E1313C83FE68F93556CD5E8031B3C7D Trust Flags: Email; Websites Test URL: https://good.r4demo.pki.goog/ **Replaces Existing GTS Root R4 with SHA-256 Fingerprint:** 71CCA5391F9E794B04802530B363E121DA8A3043BB26662FEA4DCA7FC951A4BD This CA has been assessed in accordance with the Mozilla project guidelines, and the certificates approved for inclusion in bug #1675821 The next steps are as follows: 1) A representative of the CA must confirm that all the data in this bug is correct, and that the correct certificates have been attached. 2) A Mozilla representative creates a patch with the new certificates. 3) The Mozilla representative requests that another Mozilla representative review the patch. 4) The Mozilla representative adds (commits) the patch to NSS, then closes this bug as RESOLVED FIXED. 5) At some time after that, various Mozilla products will move to using a version of NSS which contains the certificate. This process is mostly under the control of the release drivers for those products.
Bug 1735407 Comment 0 Edit History
Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.
This bug requests inclusion in the NSS root store of the following root certificates owned by Google Trust Services LLC. Please replace the existing version of these root certificates that are currently in NSS with these new root certificates. Friendly Name: GlobalSign Cert Location: https://pki.goog/repo/certs/gsr4.pem SHA-256 Fingerprint: B085D70B964F191A73E4AF0D54AE7A0E07AAFDAF9B71DD0862138AB7325A24A2 Trust Flags: Email; Websites Test URL: https://good.gsr4demo.pki.goog/ **Replaces Existing GlobalSign with SHA-256 Fingerprint:** BEC94911C2955676DB6C0A550986D76E3BA005667C442C9762B4FBB773DE228C Friendly Name: GTS Root R1 Cert Location: https://pki.goog/repo/certs/gtsr1.pem SHA-256 Fingerprint: D947432ABDE7B7FA90FC2E6B59101B1280E0E1C7E4E40FA3C6887FFF57A7F4CF Trust Flags: Email; Websites Test URL: https://good.r1demo.pki.goog/ **Replaces Existing GTS Root R1 with SHA-256 Fingerprint:** 2A575471E31340BC21581CBD2CF13E158463203ECE94BCF9D3CC196BF09A5472 Friendly Name: GTS Root R2 Cert Location: https://pki.goog/repo/certs/gtsr2.pem SHA-1 Fingerprint: 9A44497632DBDEFAD0BCFB5A7B17BD9E56092494 SHA-256 Fingerprint: 8D25CD97229DBF70356BDA4EB3CC734031E24CF00FAFCFD32DC76EB5841C7EA8 Trust Flags: Email; Websites Test URL: https://good.r2demo.pki.goog/ **Replaces Existing GTS Root R2 with SHA-256 Fingerprint:** C45D7BB08E6D67E62E4235110B564E5F78FD92EF058C840AEA4E6455D7585C60 Friendly Name: GTS Root R3 Cert Location: https://pki.goog/repo/certs/gtsr3.pem SHA-256 Fingerprint: 34D8A73EE208D9BCDB0D956520934B4E40E69482596E8B6F73C8426B010A6F48 Trust Flags: Email; Websites Test URL: https://good.r3demo.pki.goog/ **Replaces Existing GTS Root R3 with SHA-256 Fingerprint:** 15D5B8774619EA7D54CE1CA6D0B0C403E037A917F131E8A04E1E6B7A71BABCE5 Friendly Name: GTS Root R4 Cert Location: https://pki.goog/repo/certs/gtsr4.pem SHA-256 Fingerprint: 349DFA4058C5E263123B398AE795573C4E1313C83FE68F93556CD5E8031B3C7D Trust Flags: Email; Websites Test URL: https://good.r4demo.pki.goog/ **Replaces Existing GTS Root R4 with SHA-256 Fingerprint:** 71CCA5391F9E794B04802530B363E121DA8A3043BB26662FEA4DCA7FC951A4BD This CA has been assessed in accordance with the Mozilla project guidelines, and the certificates approved for inclusion in bug #1675821 The next steps are as follows: 1) A representative of the CA must confirm that all the data in this bug is correct, and that the correct certificates have been attached. 2) A Mozilla representative creates a patch with the new certificates. 3) The Mozilla representative requests that another Mozilla representative review the patch. 4) The Mozilla representative adds (commits) the patch to NSS, then closes this bug as RESOLVED FIXED. 5) At some time after that, various Mozilla products will move to using a version of NSS which contains the certificate. This process is mostly under the control of the release drivers for those products.
This bug requests inclusion in the NSS root store of the following root certificates owned by Google Trust Services LLC. Please replace the existing version of these root certificates that are currently in NSS with these new root certificates, and also enable both the Email and Websites trust bits for all of them. Friendly Name: GlobalSign Cert Location: https://pki.goog/repo/certs/gsr4.pem SHA-256 Fingerprint: B085D70B964F191A73E4AF0D54AE7A0E07AAFDAF9B71DD0862138AB7325A24A2 Trust Flags: Email; Websites Test URL: https://good.gsr4demo.pki.goog/ **Replaces Existing GlobalSign with SHA-256 Fingerprint:** BEC94911C2955676DB6C0A550986D76E3BA005667C442C9762B4FBB773DE228C Friendly Name: GTS Root R1 Cert Location: https://pki.goog/repo/certs/gtsr1.pem SHA-256 Fingerprint: D947432ABDE7B7FA90FC2E6B59101B1280E0E1C7E4E40FA3C6887FFF57A7F4CF Trust Flags: Email; Websites Test URL: https://good.r1demo.pki.goog/ **Replaces Existing GTS Root R1 with SHA-256 Fingerprint:** 2A575471E31340BC21581CBD2CF13E158463203ECE94BCF9D3CC196BF09A5472 Friendly Name: GTS Root R2 Cert Location: https://pki.goog/repo/certs/gtsr2.pem SHA-1 Fingerprint: 9A44497632DBDEFAD0BCFB5A7B17BD9E56092494 SHA-256 Fingerprint: 8D25CD97229DBF70356BDA4EB3CC734031E24CF00FAFCFD32DC76EB5841C7EA8 Trust Flags: Email; Websites Test URL: https://good.r2demo.pki.goog/ **Replaces Existing GTS Root R2 with SHA-256 Fingerprint:** C45D7BB08E6D67E62E4235110B564E5F78FD92EF058C840AEA4E6455D7585C60 Friendly Name: GTS Root R3 Cert Location: https://pki.goog/repo/certs/gtsr3.pem SHA-256 Fingerprint: 34D8A73EE208D9BCDB0D956520934B4E40E69482596E8B6F73C8426B010A6F48 Trust Flags: Email; Websites Test URL: https://good.r3demo.pki.goog/ **Replaces Existing GTS Root R3 with SHA-256 Fingerprint:** 15D5B8774619EA7D54CE1CA6D0B0C403E037A917F131E8A04E1E6B7A71BABCE5 Friendly Name: GTS Root R4 Cert Location: https://pki.goog/repo/certs/gtsr4.pem SHA-256 Fingerprint: 349DFA4058C5E263123B398AE795573C4E1313C83FE68F93556CD5E8031B3C7D Trust Flags: Email; Websites Test URL: https://good.r4demo.pki.goog/ **Replaces Existing GTS Root R4 with SHA-256 Fingerprint:** 71CCA5391F9E794B04802530B363E121DA8A3043BB26662FEA4DCA7FC951A4BD This CA has been assessed in accordance with the Mozilla project guidelines, and the certificates approved for inclusion in bug #1675821 The next steps are as follows: 1) A representative of the CA must confirm that all the data in this bug is correct, and that the correct certificates have been attached. 2) A Mozilla representative creates a patch with the new certificates. 3) The Mozilla representative requests that another Mozilla representative review the patch. 4) The Mozilla representative adds (commits) the patch to NSS, then closes this bug as RESOLVED FIXED. 5) At some time after that, various Mozilla products will move to using a version of NSS which contains the certificate. This process is mostly under the control of the release drivers for those products.
This bug requests inclusion in the NSS root store of the following root certificates owned by Google Trust Services LLC. Please replace the existing version of these root certificates that are currently in NSS with these new root certificates, and also enable both the Email and Websites trust bits for all of them. Friendly Name: GlobalSign Cert Location: https://pki.goog/repo/certs/gsr4.pem SHA-256 Fingerprint: B085D70B964F191A73E4AF0D54AE7A0E07AAFDAF9B71DD0862138AB7325A24A2 Trust Flags: Email; Websites Test URL: https://good.gsr4demo.pki.goog/ **Replaces Existing GlobalSign with SHA-256 Fingerprint:** BEC94911C2955676DB6C0A550986D76E3BA005667C442C9762B4FBB773DE228C Friendly Name: GTS Root R1 Cert Location: https://pki.goog/repo/certs/gtsr1.pem SHA-256 Fingerprint: D947432ABDE7B7FA90FC2E6B59101B1280E0E1C7E4E40FA3C6887FFF57A7F4CF Trust Flags: Email; Websites Test URL: https://good.r1demo.pki.goog/ **Replaces Existing GTS Root R1 with SHA-256 Fingerprint:** 2A575471E31340BC21581CBD2CF13E158463203ECE94BCF9D3CC196BF09A5472 Friendly Name: GTS Root R2 Cert Location: https://pki.goog/repo/certs/gtsr2.pem SHA-256 Fingerprint: 8D25CD97229DBF70356BDA4EB3CC734031E24CF00FAFCFD32DC76EB5841C7EA8 Trust Flags: Email; Websites Test URL: https://good.r2demo.pki.goog/ **Replaces Existing GTS Root R2 with SHA-256 Fingerprint:** C45D7BB08E6D67E62E4235110B564E5F78FD92EF058C840AEA4E6455D7585C60 Friendly Name: GTS Root R3 Cert Location: https://pki.goog/repo/certs/gtsr3.pem SHA-256 Fingerprint: 34D8A73EE208D9BCDB0D956520934B4E40E69482596E8B6F73C8426B010A6F48 Trust Flags: Email; Websites Test URL: https://good.r3demo.pki.goog/ **Replaces Existing GTS Root R3 with SHA-256 Fingerprint:** 15D5B8774619EA7D54CE1CA6D0B0C403E037A917F131E8A04E1E6B7A71BABCE5 Friendly Name: GTS Root R4 Cert Location: https://pki.goog/repo/certs/gtsr4.pem SHA-256 Fingerprint: 349DFA4058C5E263123B398AE795573C4E1313C83FE68F93556CD5E8031B3C7D Trust Flags: Email; Websites Test URL: https://good.r4demo.pki.goog/ **Replaces Existing GTS Root R4 with SHA-256 Fingerprint:** 71CCA5391F9E794B04802530B363E121DA8A3043BB26662FEA4DCA7FC951A4BD This CA has been assessed in accordance with the Mozilla project guidelines, and the certificates approved for inclusion in bug #1675821 The next steps are as follows: 1) A representative of the CA must confirm that all the data in this bug is correct, and that the correct certificates have been attached. 2) A Mozilla representative creates a patch with the new certificates. 3) The Mozilla representative requests that another Mozilla representative review the patch. 4) The Mozilla representative adds (commits) the patch to NSS, then closes this bug as RESOLVED FIXED. 5) At some time after that, various Mozilla products will move to using a version of NSS which contains the certificate. This process is mostly under the control of the release drivers for those products.
This bug requests inclusion in the NSS root store of the following root certificates owned by Google Trust Services LLC. Please replace the existing version of these root certificates that are currently in NSS with these new root certificates, and also enable both the Email and Websites trust bits for all of them. Friendly Name: GlobalSign ECC Root CA - R4 Cert Location: https://pki.goog/repo/certs/gsr4.pem SHA-256 Fingerprint: B085D70B964F191A73E4AF0D54AE7A0E07AAFDAF9B71DD0862138AB7325A24A2 Trust Flags: Email; Websites Test URL: https://good.gsr4demo.pki.goog/ **Replaces Existing GlobalSign with SHA-256 Fingerprint:** BEC94911C2955676DB6C0A550986D76E3BA005667C442C9762B4FBB773DE228C Friendly Name: GTS Root R1 Cert Location: https://pki.goog/repo/certs/gtsr1.pem SHA-256 Fingerprint: D947432ABDE7B7FA90FC2E6B59101B1280E0E1C7E4E40FA3C6887FFF57A7F4CF Trust Flags: Email; Websites Test URL: https://good.r1demo.pki.goog/ **Replaces Existing GTS Root R1 with SHA-256 Fingerprint:** 2A575471E31340BC21581CBD2CF13E158463203ECE94BCF9D3CC196BF09A5472 Friendly Name: GTS Root R2 Cert Location: https://pki.goog/repo/certs/gtsr2.pem SHA-256 Fingerprint: 8D25CD97229DBF70356BDA4EB3CC734031E24CF00FAFCFD32DC76EB5841C7EA8 Trust Flags: Email; Websites Test URL: https://good.r2demo.pki.goog/ **Replaces Existing GTS Root R2 with SHA-256 Fingerprint:** C45D7BB08E6D67E62E4235110B564E5F78FD92EF058C840AEA4E6455D7585C60 Friendly Name: GTS Root R3 Cert Location: https://pki.goog/repo/certs/gtsr3.pem SHA-256 Fingerprint: 34D8A73EE208D9BCDB0D956520934B4E40E69482596E8B6F73C8426B010A6F48 Trust Flags: Email; Websites Test URL: https://good.r3demo.pki.goog/ **Replaces Existing GTS Root R3 with SHA-256 Fingerprint:** 15D5B8774619EA7D54CE1CA6D0B0C403E037A917F131E8A04E1E6B7A71BABCE5 Friendly Name: GTS Root R4 Cert Location: https://pki.goog/repo/certs/gtsr4.pem SHA-256 Fingerprint: 349DFA4058C5E263123B398AE795573C4E1313C83FE68F93556CD5E8031B3C7D Trust Flags: Email; Websites Test URL: https://good.r4demo.pki.goog/ **Replaces Existing GTS Root R4 with SHA-256 Fingerprint:** 71CCA5391F9E794B04802530B363E121DA8A3043BB26662FEA4DCA7FC951A4BD This CA has been assessed in accordance with the Mozilla project guidelines, and the certificates approved for inclusion in bug #1675821 The next steps are as follows: 1) A representative of the CA must confirm that all the data in this bug is correct, and that the correct certificates have been attached. 2) A Mozilla representative creates a patch with the new certificates. 3) The Mozilla representative requests that another Mozilla representative review the patch. 4) The Mozilla representative adds (commits) the patch to NSS, then closes this bug as RESOLVED FIXED. 5) At some time after that, various Mozilla products will move to using a version of NSS which contains the certificate. This process is mostly under the control of the release drivers for those products.