Closed
Bug 449393
Opened 16 years ago
Closed 16 years ago
Add WellsSecure Public Root Certificate Authority root to NSS
Categories
(NSS :: Libraries, enhancement)
NSS
Libraries
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: hecker, Assigned: KaiE)
References
Details
Per bug 428390 I have approved the request from Wells Fargo to add its WellsSecure Public Root Certificate Authority certificate to NSS with the SSL trust bit (only) enabled. The relevant information for the new root CA cert is as follows: Name: WellsSecure Public Root Certificate Authority SHA-1 fingerprint: E7 B4 F6 9D 61 EC 90 69 DB 7E 90 A7 40 1A 3C F4 7D 4F E8 EE Root cert URL: http://crl.pki.wellsfargo.com/wsprca.crt Trust bits: SSL (only) Gordon, can you please do a final confirmation that this is the correct root?
|
||
Comment 1•16 years ago
|
||
Frank, I confirm that the root requested for inclusion contains the Common Name: WellsSecure Public Root Certificate Authority Sha-1 fingerprint: e7 b4 f6 9d 61 ec 90 69 db 7e 90 a7 40 1a 3c f4 7d 4f e8 ee thank you! ~Gordon
|
Assignee | |
Comment 2•16 years ago
|
||
Please verify that our intended code change works as expected.
Please get Firefox 2 for Windows, move away file nssckbi.dll, get attachment 333022 [details], unzip it and place nssckbi.dll into your firefox 2 installation directory.
When you do this you should be able to open certificate manager and find the new root.
|
|
Assignee | |
Comment 3•16 years ago
|
||
No feedback, no inclusion.
|
|
||
Comment 4•16 years ago
|
||
(In reply to comment #3) > No feedback, no inclusion. Kai, Was the request in comment #2 for Wells Fargo? If so, I will test this morning, as soon as possible! ~Gordon Young Wells Fargo
|
|
Assignee | |
Comment 5•16 years ago
|
||
Gordon, yes comment 2 was for Wells Fargo. Before we add a new root, we require that you confirm that our intended changes match your expectations, because we have had some confusion in the past when we skipped this step. Basically get firefox 2, drop in the provided test dll, and test whether the new root is present as expected and works as expected. Thanks. (Usually Frank pastes a much longer set of instructions in his original bug comment, which includes mentioning this step)
|
|
||
Comment 6•16 years ago
|
||
Kai, The update works as expected! A basic test using the attached library, calling an internal test site that chains up to the root for inclusion was a sucess. I verify/confirm that the requested code change does work as intended by Wells Fargo. ~Gordon Young Wells Fargo
|
|
||
Comment 7•16 years ago
|
||
For Frank or Kai: Will a test for FF v3 be provided, should it be assumend that the same code change will happen in v3? As well will we be able to test for EV SSL meta data and EV SSL visual indicator? ~Gordon
|
|
Assignee | |
Comment 8•16 years ago
|
||
Gordon, at this time we do not provide binary builds that allow you to test EV, because that is not limited to NSS, it would require a full firefox application build. Too much work. But did you see my comment and request in bug 449394? I ask that you please provide a link to a sample site so that I can do a basic EV test.
|
|
||
Comment 9•16 years ago
|
||
Hi Kai, Per 449394: Please try this site: https://nerys.wellsfargo.com/test.html ~Gordon
|
|
Assignee | |
Comment 10•16 years ago
|
||
Thanks Gordon. All future discussion regarding EV should take place in bug 449394.
|
|
Assignee | |
Comment 11•16 years ago
|
||
Marking fixed, the code change was done in bug 449883.
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•