Add the CA : Might Espace SSL




4 years ago
4 years ago


(Reporter: kacymimo, Unassigned)


37 Branch

Firefox Tracking Flags

(Not tracked)



(1 attachment)

1.29 KB, application/x-x509-ca-cert


4 years ago
Created attachment 8593471 [details]

User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:37.0) Gecko/20100101 Firefox/37.0
Build ID: 20150402191859

Steps to reproduce:

Name : Might Espace SSL
Url : No URL in the certificate
Organism type : A future society
Users : Society,Persons 

The CA need to be include in Mozilla Products because, example : The MECloud using this CA,or a Game using this CA, Products needing SSL Security.

(Personnal note : Sorry for my bad english..., im French)


4 years ago
Alias: add-a-new-ca
Component: Untriaged → Security
OS: Windows 7 → All
Hardware: x86_64 → All

Comment 1

4 years ago
The CA should submit itself into the root store, and there are formal requirements for this. More details are here:

Assuming you are a user of products that use their certificates, you should contact the CA (or ask the products to use an alternative CA and/or for the products to contact the CA) so that it applies for inclusion. We can't just add random certificates that people upload to a bug to everybody's copy of Firefox. :-)
Group: core-security
Last Resolved: 4 years ago
Resolution: --- → INVALID

Comment 2

4 years ago
Yes, im using my CA, because, not only me, TheTarknessGames (, Firbbo Organisation (not HTTPS today), MECloud (, and it's really my CA, i have send 2 requests on BugZilla.
Resolution: INVALID → ---

Comment 3

4 years ago
Please follow the instructions Kathleen gave you in bug 1148786 comment 1.
Last Resolved: 4 years ago4 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 1148786


4 years ago

Comment 4

4 years ago
I have followed the instructions of Kathleen.... what is the problem?
Alias: add-a-new-ca

Comment 5

4 years ago
I have followed the instructions of Kathleen.... what is the problem?
Flags: needinfo?(gijskruitbosch+bugs)

Comment 6

4 years ago
(In reply to Kacy Luzzardi from comment #5)
> I have followed the instructions of Kathleen.... what is the problem?

Did the instructions say to file a security-sensitive bug in Firefox::Security? I doubt it...

Flags: needinfo?(gijskruitbosch+bugs) → needinfo?(kwilson)

Comment 7

4 years ago
(In reply to :Gijs Kruitbosch from comment #6)
> (In reply to Kacy Luzzardi from comment #5)
> > I have followed the instructions of Kathleen.... what is the problem?
> Did the instructions say to file a security-sensitive bug in
> Firefox::Security? 

"2. Once you are ready, formally submit your request using the Mozilla project's Bugzilla issue tracking system:
... Create a new bug report corresponding to your request. The link just given will fill in many the multiple-choice fields correctly, and add templated text ... If the link to create a bug report does not work for you, then follow the instructions in CA Information Template to manually create the bug and set the appropriate fields.
Do NOT select "Restricted Visibility" or "Role Visibility". All information that is submitted for Root Inclusion requests must be publicly available.
"There is a link on the How_to_apply page that will automatically create the bug to request root inclusion, with all of the appropriate fields filled in and with a template in the bug description field.
Using the link, a bug will be created with the following fields set:
    Component: CA Certificates
    Version: Other
    Severity: enhancement
    Platform: All
    OS: All
    Summary: Add [your CA's name] root certificate(s)
    Description: [see below]"

Anyways, as I said in Bug #1148786
Please read the following:

In particular please start with
"If your certificates will only be used to verify one domain (e.g. * but you want others outside of your organization to be able to browse to your website using https without having to manually import a root certificate, then you can get an SSL certificate from one of the CAs who already have a root certificate included in the major browsers."

"IMPORTANT Items to Note:
- The information listed in CA Information Checklist is expected to be publicly available so that it can be reviewed and referenced during the Public Discussion Phase and for future reference.
- Having a root included in NSS is not a one-time effort. After a CA has a root included in NSS, it is expected that the CA will continue to be aware of ongoing discussions and updates to the Mozilla CA Certificate Policy. The CA is required to send regular updated audits to Mozilla. The CA is required to update their policies as the Mozilla CA Certificate Policy is updated.
- According to the Mozilla CA Certificate Policy: "We will determine which CA certificates are included in software products distributed through, based on the benefits and risks of such inclusion to typical users of those products." and "We require that all CAs whose certificates are distributed with our software product ... provide some service relevant to typical users of our software products" It is the CAs responsibility to explain why their root needs to be included in NSS and explain how the inclusion will benefit typical Mozilla users."

If you believe that direct inclusion of your CA certificate will benefit a significant number of typical users, then please proceed by getting the appropriate audits according to sections 11 through 14 of

Then file a new Bugzilla bug as described on the CA:How_to_apply wiki page, and provide all of the required information as listed here:

Flags: needinfo?(kwilson)
You need to log in before you can comment on or make changes to this bug.