Created attachment 529127 [details]
ACCV Root Cert
This bug requests inclusion in the NSS root certificate store of the following
certificate, owned by ACCV.
Friendly name: Root CA Generalitat Valenciana
Certificate location: http://www.pki.gva.es/gestcert/rootca.crt
SHA1 Fingerprint: A0:73:E5:C5:BD:43:61:0D:86:4C:21:13:0A:85:58:57:CC:9C:EA:46
Trust flags: Websites, Email, Code Signing
Test URL: https://www.accv.es/
This CA has been assessed in accordance with the Mozilla project guidelines,
and the certificate approved for inclusion in bug #274100.
The steps are as follows:
1) A representative of the CA must confirm that all the data in this bug is
correct, and that the correct certificate has been attached.
2) A Mozilla representative creates a patch with the new certificate, and
provides a special test version of Firefox.
3) A representative of the CA uses the test version of Firefox to confirm (by
adding a comment in this bug) that the certificate has been correctly
imported and that websites work correctly.
4) The Mozilla representative requests that another Mozilla representative
review the patch.
5) The Mozilla representative adds (commits) the patch to NSS, then closes this
bug as RESOLVED FIXED.
6) At some time after that, various Mozilla products will move to using a
version of NSS which contains the certificate(s). This process is mostly under
the control of the release drivers for those products.
Jose, Please see step #1 above.
The data and the certificate are correct (also work http://www.accv.es/gestcert/rootca.crt )
Thank you very much for your work!
Thanks for confirming that the data in this bug is correct.
Root inclusions are usually grouped and done as a batch when there is
either a large enough set of changes or about every 3 months.
At some point in the next 3 months a test build will be provided and this bug
will be updated to request that you test it. Since you are cc'd on this bug,
you will get notification via email when that happens.
Your test url https://www.accv.es/ is a bad example.
While the main page is loaded using https, all media inside it are loaded with plain http.
This means, you will not get security indicators for that page.
I propose you fix that site, or provide a better test url.
Actually, in my humble opinion, if https://www.accv.es/ is the home page of your certificate authority, I think you should really fix it to serve all content using the secure channel.
Thanks for your advice. This is the default behavior of our cms typo3.
We have several sites to test:
Tell me if you need something more
Thanks in advance
Ok, https://sede.upct.es/ looks good.
The test builds are ready.
Please get one of the following builds, depending on your preferred platform, and follow Kathleen's instructions, see above. Thanks.
I test the builds and they work perfectly.
Thank you very much.
Fixed in bug 671002, done for NSS 3.12.11