This bug requests inclusion in the NSS root certificate store of the following root CA certificate, owned by Comodo: 1) Friendly name: "COMODO Certification Authority" SHA-1 fingerprint: 66:31:BF:9E:F7:4F:9E:B6:C9:D5:A6:0C:BA:6A:BE:D1:F7:BD:EF:7B Trust flags: Web sites, email, code signing URL: http://crt.comodoca.com/COMODOCertificationAuthority.crt The COMODO Certification Authority has been assessed in accordance with the Mozilla project guidelines, and the certificate approved for inclusion per bug 401587. The remaining steps are as follows: 1) A representative of the CA must confirm that all the data in this bug is correct, and that the correct certificate(s) have been attached. They must also specify what OS they would like to use to perform the verification below. 2) A Mozilla representative creates a test build of NSS with the new certificate(s), and attaches nssckbi.dll to this bug. A representative of the CA must download this, drop it into a copy of Firefox and/or Thunderbird on the OS in question and confirm (by adding a comment here) that the certificate(s) have been correctly imported and that websites work correctly. 3) The Mozilla representative checks the certificate(s) into the NSS store, and marks the bug RESOLVED FIXED. 4) At some time after that, various Mozilla products will move to using a version of NSS which contains the certificate(s). This process is mostly under the control of the release drivers for those products.
Dear Comodo representatives, you have not yet confirmed the information listed in this bug is correct. I went ahead and included your certificate in a test build anyway. Please read bug 425469 comment 6 to find the binary roots module for testing and follow Frank's requests given in this tracking bug. It's attachment 313260 [details]. Adding your roots to Mozilla/NSS is blocked pending your confirmation that everything is correct. Please do not forget to verify the trust flags are correct.
(in reply to comment #2) Kai, everything looks correct to me. I've tested your attachment 313260 [details] on Firefox 126.96.36.199 / WinXP. The "COMODO Certification Authority" Root Certificate appears correctly in the Certificate Manager. I can browse to our test site https://comodocertificationauthority.comodoca.com successfully. The trust flags are correct. Please check it in to NSS. Thanks.
This root was added to NSS for version 3.12 with a checkin noted in bug 425469. Marking fixed.
Status: NEW → RESOLVED
Last Resolved: 11 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.