Closed Bug 1120604 Opened 7 years ago Closed 7 years ago
Add Entrust G2 and EC1 root certificates to NSS
This bug requests inclusion in the NSS root certificate store of the following 2 certificates, owned by Entrust. Friendly Name: Entrust Root Certification Authority - G2 Cert Location: https://bugzilla.mozilla.org/attachment.cgi?id=567059 SHA-1 Fingerprint: 8C:F4:27:FD:79:0C:3A:D1:66:06:8D:E8:1E:57:EF:BB:93:22:72:D4 Trust flags: Websites, Email, Code Signing Test URL: https://validg2.entrust.net/ Friendly Name: Entrust Root Certification Authority - EC1 Cert Location: https://bugzilla.mozilla.org/attachment.cgi?id=813664 SHA-1 Fingerprint: 20:D8:06:40:DF:9B:25:F5:12:25:3A:11:EA:F7:59:8A:EB:14:B5:47 Trust flags: Websites, Email, Code Signing Test URL: https://validec.entrust.net This CA has been assessed in accordance with the Mozilla project guidelines, and the certificates approved for inclusion in bug 849950. The next steps are as follows: 1) A representative of the CA must confirm that all the data in this bug is correct, and that the correct certificates have been attached. 2) A Mozilla representative creates a patch with the new certificates, and provides a special test version of Firefox. 3) A representative of the CA uses the test version of Firefox to confirm (by adding a comment in this bug) that the certificates have been correctly imported and that websites work correctly. 4) The Mozilla representative requests that another Mozilla representative review the patch. 5) The Mozilla representative adds (commits) the patch to NSS, then closes this bug as RESOLVED FIXED. 6) At some time after that, various Mozilla products will move to using a version of NSS which contains the certificates. This process is mostly under the control of the release drivers for those products.
Bruce, Please see step #1 above.
Entrust confirms that the information in this bug is correct and the correct root certificates have been attached. Thanks, Bruce.
Test builds of a development version of Firefox, which contain the requested change(s), can be found here: https://firstname.lastname@example.org/
This does NOT yet add EV status. Please ignore that EV is not yet enabled, and please test that the root has been correctly added.
Bruce, Please test the code change as described here: https://wiki.mozilla.org/CA:How_to_apply#Testing_Inclusion
The testing was successful. We found both roots in the test browser and we reached our test sites securely. Thanks, Bruce.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Whiteboard: In NSS 3.18, Firefox 38
You need to log in before you can comment on or make changes to this bug.