Created attachment 529127 [details] ACCV Root Cert This bug requests inclusion in the NSS root certificate store of the following certificate, owned by ACCV. Friendly name: Root CA Generalitat Valenciana Certificate location: http://www.pki.gva.es/gestcert/rootca.crt SHA1 Fingerprint: A0:73:E5:C5:BD:43:61:0D:86:4C:21:13:0A:85:58:57:CC:9C:EA:46 Trust flags: Websites, Email, Code Signing Test URL: https://www.accv.es/ This CA has been assessed in accordance with the Mozilla project guidelines, and the certificate approved for inclusion in bug #274100. The steps are as follows: 1) A representative of the CA must confirm that all the data in this bug is correct, and that the correct certificate has been attached. 2) A Mozilla representative creates a patch with the new certificate, and provides a special test version of Firefox. 3) A representative of the CA uses the test version of Firefox to confirm (by adding a comment in this bug) that the certificate has been correctly imported and that websites work correctly. 4) The Mozilla representative requests that another Mozilla representative review the patch. 5) The Mozilla representative adds (commits) the patch to NSS, then closes this bug as RESOLVED FIXED. 6) At some time after that, various Mozilla products will move to using a version of NSS which contains the certificate(s). This process is mostly under the control of the release drivers for those products.
Jose, Please see step #1 above.
Hi Kathleen The data and the certificate are correct (also work http://www.accv.es/gestcert/rootca.crt ) Thank you very much for your work! Regards
Thanks for confirming that the data in this bug is correct. Root inclusions are usually grouped and done as a batch when there is either a large enough set of changes or about every 3 months. At some point in the next 3 months a test build will be provided and this bug will be updated to request that you test it. Since you are cc'd on this bug, you will get notification via email when that happens.
Your test url https://www.accv.es/ is a bad example. While the main page is loaded using https, all media inside it are loaded with plain http. This means, you will not get security indicators for that page. I propose you fix that site, or provide a better test url.
Actually, in my humble opinion, if https://www.accv.es/ is the home page of your certificate authority, I think you should really fix it to serve all content using the secure channel.
Hi Kai Thanks for your advice. This is the default behavior of our cms typo3. We have several sites to test: https://www.valencia.es/ https://sede.upct.es/ https://www.castello.es/inicio.php?id=cas https://www.dipcas.es/ Tell me if you need something more Thanks in advance Regards
Ok, https://sede.upct.es/ looks good.
The test builds are ready. Please get one of the following builds, depending on your preferred platform, and follow Kathleen's instructions, see above. Thanks. http://firstname.lastname@example.org/try-win32/firefox-8.0a1.en-US.win32.zip http://email@example.com/try-linux/firefox-8.0a1.en-US.linux-i686.tar.bz2 http://firstname.lastname@example.org/try-linux64/firefox-8.0a1.en-US.linux-x86_64.tar.bz2 http://email@example.com/try-macosx64/firefox-8.0a1.en-US.mac.dmg
Hi I test the builds and they work perfectly. Thank you very much. Regards
Fixed in bug 671002, done for NSS 3.12.11