Add Certigna root certificate to NSS

RESOLVED FIXED in 3.12.4

Status

NSS
CA Certificates Code
P2
enhancement
RESOLVED FIXED
9 years ago
9 years ago

People

(Reporter: Kathleen Wilson, Assigned: Nelson Bolyard (seldom reads bugmail))

Tracking

Dependency tree / graph

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [CA confirmed])

Attachments

(1 attachment)

(Reporter)

Description

9 years ago
This bug requests inclusion in the NSS root certificate store of the following
certificate, owned by Certigna of Dhimyotis.

Friendly name: 
Certigna

Certificate location:
http://www.certigna.fr/ca/ACcertigna.crt

SHA1 Fingerprint:
B1:2E:13:63:45:86:A4:6F:1A:B2:60:68:37:58:2D:C4:AC:FD:94:97

Trust flags: Websites, Email

Test URL: 
https://www.certigna.fr

This CA has been assessed in accordance with the Mozilla project guidelines,
and the certificate approved for inclusion in bug 393166.

The next steps are as follows:

1) A representative of the CA must confirm that all the data in this bug is
correct, and that the correct certificate(s) have been attached. They must also
specify what OS they would like to use to perform the verification below.

2) A Mozilla representative creates a test build of NSS with the new
certificate(s), and attaches nssckbi.dll to this bug. A representative of the
CA must download this, drop it into a copy of Firefox and/or Thunderbird on the
OS in question and confirm (by adding a comment here) that the certificate(s)
have been correctly imported and that websites work correctly.

3) The Mozilla representative checks the certificate(s) into the NSS store, and
marks the bug RESOLVED FIXED.

4) At some time after that, various Mozilla products will move to using a
version of NSS which contains the certificate. This process is mostly under the
control of the release drivers for those products.
(Reporter)

Comment 1

9 years ago
Yannick, Please see #1 above.

Comment 2

9 years ago
I confirm that that the data in this bug is correct.
The certificate is correct too.

We would like to use Mac OS 10.5.x, Windows Vista and XP, and Linux Debian to perform the verification.

But if we can choose only one system we would like to perform the test under Windows.

  Yannick Leplard

Comment 3

9 years ago
I have seen on https://wiki.mozilla.org/Releases
that there are two upcoming releases on april :
- Firefox 3.0.8	 April 1	 Build, QA
- Firefox 3.0.9	 mid-April	 Build, QA

Do you think it is possible to be include in one of these releases ?

Thanks.

  Yannick
Created attachment 378159 [details]
The DER cert
(Assignee)

Updated

9 years ago
Depends on: 493660
I have attached a Windows .DLL file to bug 493660.  I believe it contains
the added roots requested in this bug, with the requested (or changed) trust
flags, as requested in comment 0 of this bug.  

Please download that attachment from 
https://bugzilla.mozilla.org/attachment.cgi?id=378202
Check it for viruses, and then follow the instructions given in 
https://bugzilla.mozilla.org/show_bug.cgi?id=493660#c2 
to test it out.  Please report back HERE, in THIS bug, whether it contains
the right cert, by the right name, with the right trust flags.
Assignee: kaie → nelson
Status: NEW → ASSIGNED
Priority: -- → P2
Whiteboard: [Awaiting test confirmation from CA]
Target Milestone: --- → 3.12.4

Comment 6

9 years ago
Everything is ok.
This is the right certificate with the right name and the right trust flags.
(Assignee)

Updated

9 years ago
Whiteboard: [Awaiting test confirmation from CA] → [CA confirmed]
Fixed by checkin of patch for bug 493660.  Will be in FF 3.5
Status: ASSIGNED → RESOLVED
Last Resolved: 9 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.