Closed
Bug 478573
Opened 16 years ago
Closed 16 years ago
Add S-TRUST Authentication and Encryption Root CA 2005:PN root certificate to NSS
Categories
(NSS :: CA Certificates Code, task, P2)
NSS
CA Certificates Code
Tracking
(Not tracked)
RESOLVED
FIXED
3.12.4
People
(Reporter: kathleen.a.wilson, Assigned: nelson)
References
Details
(Whiteboard: [Awaiting test confirmation from CA])
Attachments
(1 file)
|
1.12 KB,
application/octet-stream
|
Details |
This bug requests inclusion in the NSS root certificate store of the following certificate, owned by S-TRUST.
Friendly name:
S-TRUST Authentication and Encryption Root CA 2005:PN
Certificate location:
http://www.s-trust.de/service_support/zertifikatsmanagement/verzeichnisdienste/download_wurzelzertifikate/ordner_crt_dateien/authentication.crt
SHA1 Fingerprint:
BE:B5:A9:95:74:6B:9E:DF:73:8B:56:E6:DF:43:7A:77:BE:10:6B:81
Trust flags: Email
Test URL:
https://bugzilla.mozilla.org/attachment.cgi?id=357849
This CA has been assessed in accordance with the Mozilla project guidelines, and the certificate approved for inclusion in bug 370627.
The next steps are as follows:
1) A representative of the CA must confirm that all the data in this bug is correct, and that the correct certificate(s) have been attached. They must also specify what OS they would like to use to perform the verification below.
2) A Mozilla representative creates a test build of NSS with the new certificate(s), and attaches nssckbi.dll to this bug. A representative of the CA must download this, drop it into a copy of Firefox and/or Thunderbird on the OS in question and confirm (by adding a comment here) that the certificate(s) have been correctly imported and that websites work correctly.
3) The Mozilla representative checks the certificate(s) into the NSS store, and marks the bug RESOLVED FIXED.
4) At some time after that, various Mozilla products will move to using a version of NSS which contains the certificate. This process is mostly under the control of the release drivers for those products.
|
Reporter | |
Comment 1•16 years ago
|
||
Marcus, Please see #1 above.
|
Assignee | |
Updated•16 years ago
|
Assignee: nobody → kaie
|
||
Comment 2•16 years ago
|
||
Herewith I confirm that all the data in this bug is correct, and that the correct certificate(s) have been attached.
We will use MS XP professional to perform the verification.
Thanks to all who participated in this process and this bug for your support.
Marcus
|
|
Assignee | |
Updated•16 years ago
|
Component: Libraries → CA Certificates
QA Contact: libraries → root-certs
|
||
Comment 3•16 years ago
|
||
Could you please send a signed S/Mime test email to my email account, which was signed using a cert issued by this new CA? Thanks.
|
|
||
Comment 4•16 years ago
|
||
A test firefox build is available here:
Please verify it contains your root CA cert with the correct trust flags.
You may be able to import one of your test email certificates (exclude private key) and look at it with cert viewer. It should be reported as verified.
https://build.mozilla.org/tryserver-builds/2009-03-11_10:52-kaie@kuix.de-kaie-evroots-0903/
Please give feedback whether it looks right.
Thanks.
|
|
||
Comment 5•16 years ago
|
||
20 days have passed and no feedback received.
|
|
||
Comment 6•16 years ago
|
||
Dear board-members,
what is the status of the implementation of our S-TRUST CA?
I can´t download the test firefox.
What is our part to finish this process ?
Thanks for your sopport
Marcus
|
||
Comment 7•16 years ago
|
||
Kai, can you please provide another tryserver build?
Markus, when the try build is available again, follow the instructions from comment 4 (rather soonish, since tryserver builds happen to disappear after a short amount of time).
|
|
Assignee | |
Comment 8•16 years ago
|
||
In reply to comment 0,
> Friendly name:
> S-TRUST Authentication and Encryption Root CA 2005:PN
Friendly names cannot have ':' characters in them.
Would the following be an acceptable alternative?
S-TRUST Authentication and Encryption Root CA 2005 PN
|
|
Assignee | |
Comment 9•16 years ago
|
||
|
|
Assignee | |
Comment 10•16 years ago
|
||
I have attached a Windows .DLL file to bug 493660. I believe it contains
the added roots requested in this bug, with the requested (or changed) trust
flags, as requested in comment 0 of this bug.
Please download that attachment from
https://bugzilla.mozilla.org/attachment.cgi?id=378202
Check it for viruses, and then follow the instructions given in
https://bugzilla.mozilla.org/show_bug.cgi?id=493660#c2
to test it out. Please report back HERE, in THIS bug, whether it contains
the right cert, by the right name, with the right trust flags.
Assignee: kaie → nelson
Status: NEW → ASSIGNED
Priority: -- → P2
Whiteboard: [Awaiting test confirmation from CA]
Target Milestone: --- → 3.12.4
|
|
Assignee | |
Comment 11•16 years ago
|
||
Fixed by checkin of patch for bug 493660. Will be in FF 3.5
Status: ASSIGNED → RESOLVED
Closed: 16 years ago
Resolution: --- → FIXED
|
|
||
Comment 12•16 years ago
|
||
After chanching the dll in Mozilla Firefox our aut/enc certificate seems to be included correctly. (Using FF version 3.0.11)
You need to log in
before you can comment on or make changes to this bug.
Description
•