Add COMODO Certification Authority certificate to NSS

RESOLVED FIXED in 3.11.10

Status

--
enhancement
RESOLVED FIXED
11 years ago
10 years ago

People

(Reporter: hecker, Assigned: kaie)

Tracking

unspecified
3.11.10
Dependency tree / graph

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

(Reporter)

Description

11 years ago
This bug requests inclusion in the NSS root certificate store of the following root CA certificate, owned by Comodo:

1) Friendly name: "COMODO Certification Authority"
   SHA-1 fingerprint:
66:31:BF:9E:F7:4F:9E:B6:C9:D5:A6:0C:BA:6A:BE:D1:F7:BD:EF:7B
   Trust flags: Web sites, email, code signing
   URL:
http://crt.comodoca.com/COMODOCertificationAuthority.crt

The COMODO Certification Authority has been assessed in accordance with the Mozilla project guidelines, and the certificate approved for inclusion per bug 401587.

The remaining steps are as follows:

1) A representative of the CA must confirm that all the data in this bug is correct, and that the correct certificate(s) have been attached. They must also specify what OS they would like to use to perform the verification below.

2) A Mozilla representative creates a test build of NSS with the new certificate(s), and attaches nssckbi.dll to this bug. A representative of the CA must download this, drop it into a copy of Firefox and/or Thunderbird on the OS in question and confirm (by adding a comment here) that the certificate(s) have been correctly imported and that websites work correctly.

3) The Mozilla representative checks the certificate(s) into the NSS store, and marks the bug RESOLVED FIXED.

4) At some time after that, various Mozilla products will move to using a version of NSS which contains the certificate(s). This process is mostly under the control of the release drivers for those products.
(Reporter)

Comment 1

11 years ago
Created attachment 313139 [details]
COMODO Certification Authority certificate
(Reporter)

Updated

11 years ago
Blocks: 426572
(Assignee)

Updated

11 years ago
Depends on: 425469
(Assignee)

Comment 2

11 years ago
Dear Comodo representatives, you have not yet confirmed the information
listed in this bug is correct.

I went ahead and included your certificate in a test build anyway.
Please read bug 425469 comment 6 to find the binary roots module for testing
and follow Frank's requests given in this tracking bug.
It's attachment 313260 [details].

Adding your roots to Mozilla/NSS is blocked pending your confirmation that
everything is correct.

Please do not forget to verify the trust flags are correct.

Comment 3

11 years ago
(in reply to comment #2)

Kai, everything looks correct to me.

I've tested your attachment 313260 [details] on Firefox 2.0.0.13 / WinXP.
The "COMODO Certification Authority" Root Certificate appears correctly in the Certificate Manager.
I can browse to our test site https://comodocertificationauthority.comodoca.com successfully.
The trust flags are correct.

Please check it in to NSS.  Thanks.
(Assignee)

Comment 4

11 years ago
This root was added to NSS for version 3.12 with a checkin noted in bug 425469.
Marking fixed.
Status: NEW → RESOLVED
Last Resolved: 11 years ago
Resolution: --- → FIXED
(Assignee)

Updated

10 years ago
Target Milestone: --- → 3.12
(Assignee)

Updated

10 years ago
Target Milestone: 3.12 → 3.11.10
You need to log in before you can comment on or make changes to this bug.