Closed
Bug 446407
Opened 16 years ago
Closed 16 years ago
Refresh the GlobalSign Root CA cert in NSS
Categories
(NSS :: Libraries, enhancement)
NSS
Libraries
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: hecker, Assigned: KaiE)
References
Details
Per bug 406794 I have approved the request from GlobalSign to refresh its existing GlobalSign Root CA certificate with a new certificate with a later expiry date.
The relevant information for the new root CA cert is as follows:
Name: GlobalSign Root CA
SHA-1 fingerprint:
B1 BC 96 8B D4 F4 9D 62 2A A8 9A 81 F2 15 01 52 A4 1D 82 9C
Root cert URL:
http://secure.globalsign.net/cacert/Root-R1.crt
Steve, can you please do a final confirmation that this is the correct root?
Note: I believe (but need confirmation from those who know more about this than I) that once this new root is added the old GlobalSign Root CA can and should be removed from NSS. In any case you have my approval for that removal if it is appropriate from a technical point of view.
Assignee | ||
Comment 1•16 years ago
|
||
Steve, can you please confirm ASAP?
Assignee | ||
Comment 2•16 years ago
|
||
I intend to remove the old GlobalSign Root CA
and replace it with the cert.
I intend to keep the existing trust flags, which are currently enabled for all purposes.
Assignee | ||
Comment 3•16 years ago
|
||
Please verify that our intended code change works as expected.
Please get Firefox 2 for Windows, move away file nssckbi.dll, get attachment 333022 [details], unzip it and place nssckbi.dll into your firefox 2 installation directory.
When you do this you should be able to open certificate manager and find the new root.
Assignee | ||
Comment 4•16 years ago
|
||
No feedback, no inclusion.
Comment 5•16 years ago
|
||
The new certificate looks to be correct and the trust flags are marked as expected.
Thanks,
Steve
Assignee | ||
Comment 6•16 years ago
|
||
Marking fixed, the code change was done in bug 449883.
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•