Per bug #532377 the request from Certum has been approved to enable its root certificate for EV use. Please make the corresponding changes to PSM. The relevant information is as follows. Friendly name: Certum Trusted Network CA SHA1 Fingerprint: 07:E0:32:E0:20:B7:2C:3F:19:2F:06:28:A2:59:3A:19:A7:0F:06:9E EV Policy OID: 1.2.616.1.113522.214.171.124.1 Test URL: https://juice.certum.pl/
Michal, Please confirm that the above information is correct. Also, please perform the testing described on the following wiki page, and post a comment in this bug when the testing has been successfully completed. https://wiki.mozilla.org/PSM:EV_Testing_Easy_Version
I've successfully completed the EV test.
Your test server does not send the full chain of certificates that are necessary to find the path from server cert to root cert.
After manually importing your intermediate from http://repository.certum.pl/evca.cer I was able to connect to your test site and got a green EV status. (Please make sure that you instruct your customers how to install the required intermediate cert when they install server theirs on their servers. The end entity is not sufficient, because Firefox does not automatically fetch intermediates.)
Sorry for that. We have moved this site to another server and bundle file with root certificates was missed during this process. It's been fixed and working fine now.
A test version of Firefox is available at http://firstname.lastname@example.org/ Please download soon. (This will go away after 3 days. Once it's gone, it will be available here http://email@example.com/ for another 10 days, after which it will be deleted automatically.) Please note this build is based on a nightly development/test version of Firefox. It might be unstable and have bugs. Please be careful. It's best to use a "fresh, empty profile", for your testing. (Search the web how to use separate profiles, start the profile manager, with Firefox). This is also recommended to make sure you're not testing your own certificate database, but really this software with the embedded certs. This test build contains your new roots, and if you have requested to, it also has the roots enabled for EV. Please make sure you add a confirmation comment in BOTH separate bugs (one for adding the root, one for enabling for EV, if applicable). Please note, adding your roots, and enabling roots for EV might happen in separate releases, although we try to do it all in the same release.
TODO, in this bug, please confirm that your root has been correctly enabled for EV.
I confirm that root has been correctly added and enabled for EV.
fixed in bug 642144