Open Bug 1758774 Opened 2 years ago Updated 1 year ago

Have our Salesforce instance use an updated root store

Categories

(CA Program :: Common CA Database, task)

Tracking

(Not tracked)

People

(Reporter: kathleen.a.wilson, Unassigned)

Details

It looks like our Salesforce instance is currently using the default Java root store, which is very outdated.

https://ccadb.my.salesforce.com/cacerts.jsp

https://ideas.salesforce.com/s/idea/a0B8W00000Gdd7JUAR/manage-list-of-trusted-certificate-authorities

It looks like Salesforce does not currently have a way for us to specify our own root store. So either we will need to convince someone at Oracle to update the Java root store, or convince Salesforce to update their root store.

There is a root store they can use here:
https://www.ccadb.org/resources
the "PEM of Root Certificates in Mozilla’s Root Store with the Websites (TLS/SSL) Trust Bit Enabled (CSV)" link

Product: NSS → CA Program
Priority: P2 → --
Whiteboard: [ccadb-enhancement]
You need to log in before you can comment on or make changes to this bug.