In Add/Update Root Request Cases prevent CAs from adding intermediate certs as root certs
Categories
(CA Program :: Common CA Database, task)
Tracking
(Not tracked)
People
(Reporter: kathleen.a.wilson, Unassigned)
References
Details
When CAs add new certificates in Add/Update Root Request Cases, corresponding root certificate records get created. The problem arises when a CA mistakenly adds intermediate certificates to their request -- those intermediate certificates get added as root certificates.
Please add a check that the certificate's Subject == Issuer before creating a corresponding root certificate record.
If the certificate's Subject != Issuer, then display a warning that says
Please only add root certificates in your Root Inclusion Case.
After you have added your root certificates, you may directly add intermediate certificates as described in https://www.ccadb.org/cas/intermediates
In the warning pop-up provide buttons: 'Add Cert as Trust Anchor' and 'Go Back'.
('Add Cert as Trust Anchor' means to proceed anyways.)
Reporter | ||
Updated•2 years ago
|
Assignee | ||
Updated•2 years ago
|
Updated•1 year ago
|
Description
•