Closed Bug 1120604 Opened 10 years ago Closed 9 years ago

Add Entrust G2 and EC1 root certificates to NSS


(NSS :: CA Certificates Code, task)

Not set


(Not tracked)



(Reporter: kathleen.a.wilson, Unassigned)



(Whiteboard: In NSS 3.18, Firefox 38)


(2 files)

This bug requests inclusion in the NSS root certificate store of the following 2 certificates, owned by Entrust.
Friendly Name: Entrust Root Certification Authority - G2
Cert Location:
SHA-1 Fingerprint: 8C:F4:27:FD:79:0C:3A:D1:66:06:8D:E8:1E:57:EF:BB:93:22:72:D4
Trust flags: Websites, Email, Code Signing
Test URL:
Friendly Name: Entrust Root Certification Authority - EC1
Cert Location:
SHA-1 Fingerprint: 20:D8:06:40:DF:9B:25:F5:12:25:3A:11:EA:F7:59:8A:EB:14:B5:47
Trust flags: Websites, Email, Code Signing
Test URL:

This CA has been assessed in accordance with the Mozilla project guidelines, and the certificates approved for inclusion in bug 849950. 

The next steps are as follows:
1) A representative of the CA must confirm that all the data in this bug is correct, and that the correct certificates have been attached.
2) A Mozilla representative creates a patch with the new certificates, and provides a special test version of Firefox.
3) A representative of the CA uses the test version of Firefox to confirm (by adding a comment in this bug) that the certificates have been correctly imported and that websites work correctly.
4) The Mozilla representative requests that another Mozilla representative review the patch.
5) The Mozilla representative adds (commits) the patch to NSS, then closes this bug as RESOLVED FIXED.
6) At some time after that, various Mozilla products will move to using a version of NSS which contains the certificates. This process is mostly under the control of the release drivers for those products.
Attached file EntrustRoot-G2.cert
Attached file EntrustRoot-EC1.cert
Bruce, Please see step #1 above.
Blocks: 1120608
Entrust confirms that the information in this bug is correct and the correct root certificates have been attached.

Thanks, Bruce.
Depends on: 1132496
Test builds of a development version of Firefox, which contain the requested change(s), can be found here:
This does NOT yet add EV status. Please ignore that EV is not yet enabled, and please test that the root has been correctly added.
Bruce, Please test the code change as described here:
The testing was successful. We found both roots in the test browser and we reached our test sites securely.

Thanks, Bruce.
Closed: 9 years ago
Resolution: --- → FIXED
Whiteboard: In NSS 3.18, Firefox 38
You need to log in before you can comment on or make changes to this bug.