Closed
Bug 378162
Opened 17 years ago
Closed 17 years ago
Add DigiCert root CA certificate(s) to NSS
Categories
(NSS :: Libraries, enhancement)
NSS
Libraries
Tracking
(Not tracked)
RESOLVED
FIXED
3.11.8
People
(Reporter: gerv, Assigned: KaiE)
References
Details
Attachments
(3 files)
This bug requests inclusion in the NSS root certificate store of the following certificate(s), owned by DigiCert: 1) Friendly name: "DigiCert Assured ID Root CA" SHA1 Fingerprint: 05:63:B8:63:0D:62:D7:5A:BB:C8:AB:1E:4B:DF:B5:A8:99:B2:4D:43 Trust flags: Websites, Email 2) Friendly name: "DigiCert Global Root CA" SHA1 Fingerprint: A8:98:5D:3A:65:E5:E5:C4:B2:D7:D6:6D:40:C6:DD:2F:B1:9C:54:36 Trust flags: Websites, Email 3) Friendly name: "DigiCert High Assurance EV Root CA" SHA1 Fingerprint: 5F:B7:EE:06:33:E2:59:DB:AD:OC:4C:9A:E6:D3:8F:1A:61:C7:DC:25 Trust flags: Websites, Email The certificate(s) themselves will be attached momentarily. This CA has been assessed in accordance with the Mozilla project guidelines, and the certificate(s) approved for inclusion in bug 364568. The steps are as follows: 1) A representative of the CA must confirm that all the data in this bug is correct, and that the correct certificate(s) have been attached. 2) The Mozilla representative adds the certificate(s) to the store, and marks the bug RESOLVED FIXED. 3) Within two weeks, a representative of the CA must download a copy of the development version of Firefox and confirm (by adding a comment here) that the certificates have been correctly imported. If this does not happen, the certificates will be removed again. 4) The bug is VERIFIED. Gerv
Reporter | ||
Comment 1•17 years ago
|
||
Reporter | ||
Comment 2•17 years ago
|
||
Reporter | ||
Comment 3•17 years ago
|
||
Comment 4•17 years ago
|
||
(In reply to comment #0) > This bug requests inclusion in the NSS root certificate store of the following > certificate(s), owned by DigiCert: > > 1) Friendly name: "DigiCert Assured ID Root CA" > SHA1 Fingerprint: > 05:63:B8:63:0D:62:D7:5A:BB:C8:AB:1E:4B:DF:B5:A8:99:B2:4D:43 > Trust flags: Websites, Email Confirmed Match > 2) Friendly name: "DigiCert Global Root CA" > SHA1 Fingerprint: > A8:98:5D:3A:65:E5:E5:C4:B2:D7:D6:6D:40:C6:DD:2F:B1:9C:54:36 > Trust flags: Websites, Email Confirmed Match > 3) Friendly name: "DigiCert High Assurance EV Root CA" > SHA1 Fingerprint: > 5F:B7:EE:06:33:E2:59:DB:AD:OC:4C:9A:E6:D3:8F:1A:61:C7:DC:25 > Trust flags: Websites, Email Confirmed Match > The certificate(s) themselves will be attached momentarily. > > This CA has been assessed in accordance with the Mozilla project guidelines, > and the certificate(s) approved for inclusion in bug 364568. > > The steps are as follows: > > 1) A representative of the CA must confirm that all the data in this bug is > correct, and that the correct certificate(s) have been attached. Confirmed - all data in this bug is correct. We have downloaded the 3 attached certificates as posted, and verified that they match. We also ran an md5 checksum on each which matched our root certificates. > 2) The Mozilla representative adds the certificate(s) to the store, and marks > the bug RESOLVED FIXED. > > 3) Within two weeks, a representative of the CA must download a copy of the > development version of Firefox and confirm (by adding a comment here) that the > certificates have been correctly imported. If this does not happen, the > certificates will be removed again. We will confirm in two weeks time. > 4) The bug is VERIFIED. Thanks, Ken
Assignee | ||
Updated•17 years ago
|
Reporter | ||
Comment 5•17 years ago
|
||
I apologise for the delay. Please see bug 378489 for details on how to review the updated nssckbi.dll. Gerv
Comment 6•17 years ago
|
||
I personally checked the roots, as did one of my engineers. Everything checks out fine. The sha1 and md5 fingerprints match exactly with our roots. The names appear as we expected them, and our test sites worked perfectly when we browsed to them. Thanks again, Ken Bretschneider DigiCert
Reporter | ||
Comment 7•17 years ago
|
||
Resolving FIXED. Note that this means the roots will be in NSS 3.11.8; exactly how they get into Firefox is still being worked out. We _hope_ we can find a way to get them into 2.0.0.5. No promises, though :-) Gerv
Status: NEW → RESOLVED
Closed: 17 years ago
Resolution: --- → FIXED
Assignee | ||
Updated•16 years ago
|
Target Milestone: --- → 3.11.8
You need to log in
before you can comment on or make changes to this bug.
Description
•