Confirmed users
377
edits
CA/Information Checklist: Difference between revisions
Jump to navigation
Jump to search
→Create a Root Inclusion Case: Updating CCADB instructions
m (format update) |
(→Create a Root Inclusion Case: Updating CCADB instructions) |
||
| Line 12: | Line 12: | ||
== Create a Root Inclusion Case == | == Create a Root Inclusion Case == | ||
'''UNDER REVISION''' | |||
If your CA does not yet have access to the CCADB, then you may request access here: | If your CA does not yet have access to the CCADB, then you may request access here: | ||
* https://ccadb.org/cas/request-access | * https://ccadb.org/cas/request-access | ||
| Line 19: | Line 20: | ||
#*Click on the 'My CA' tab | #*Click on the 'My CA' tab | ||
#*Click on the 'CASES' tab under the CA Owner’s name, near the top left corner of the page | #*Click on the 'CASES' tab under the CA Owner’s name, near the top left corner of the page | ||
#* Click on the ' | #* Click on the 'New' button, which is on the right side of the page, below the 'Get URLs' button | ||
#* Select ' | #* Select 'Add/Update Root Request', and click on 'Next' | ||
#* Type in information for the 'Subject', e.g. Example CA New Root Certificates | |||
#* Click on the 'Save' button. | #* Click on the 'Save' button. | ||
#** There will be a green bar shown across the top of the page, which says “Case ###### was created. Click on the number in | #** There will be a green bar shown across the top of the page, which says “Case ###### was created. Click on the number in the list below (the same which was provided by green bar) to view the new Case. | ||
#** Otherwise go back to the 'CASES' tab in 'My CA', and click on the number in the top row of the 'Case' column. | #** Otherwise, go back to the 'CASES' tab in 'My CA', and click on the number in the top row of the 'Case' column. | ||
# | #Items that need to be completed appear in five tabs in a row near the top - "CA OWNER" "AUDITS" "POLICY DOCUMENTS" "ROOT INFORMATION" and "TEST WEBSITES". ("CASE PROGRESS" shows the status of each of the five tabs.) | ||
#Click on the | #Click on the "ROOT INFORMATION" tab, then "Add/Select Root Certificates", and then "Add Root Certificate to the CCADB" | ||
# | #Paste the PEM information for the Root Certificate in the box, click on "Validate PEM". | ||
#If validation is successful, click on the “Create Root Certificate in CCADB” button. | |||
#Fill in the data for the required fields for the root under the “ROOT INFORMATION” tab. | |||
#Repeat this process for each of the Root Certificates that need to be added. | |||
#Complete information required under the other tabs: "CA OWNER" "AUDITS" "POLICY DOCUMENTS", and if applicable, "TEST WEBSITES". | |||
#When all requested information has been completed, click on the “Submit to Root Store” button | |||
'''AUDITS''' | |||
#* Audit statements must meet the requirements listed in [https://www.ccadb.org/policy#51-audit-statement-content section 5.1 of the Common CCADB Policy] | #* Audit statements must meet the requirements listed in [https://www.ccadb.org/policy#51-audit-statement-content section 5.1 of the Common CCADB Policy] | ||
#* CCADB automatically converts WebTrust Seal URLs into PDF URLs when you click on ‘Save’ | #* CCADB automatically converts WebTrust Seal URLs into PDF URLs when you click on ‘Save’ | ||
#* Note Mozilla's [[CA/Audit_Statements#Audit_Lifecycle|audit lifecycle requirements]] | #* Note Mozilla's [[CA/Audit_Statements#Audit_Lifecycle|audit lifecycle requirements]]#Be sure to select "Applicable Root Certificates" and click on the inverted triangle ("Edit") to select root certificates covered by the audit. | ||
# | #Indicate which existing root certificates are part of this root inclusion or update request. | ||
#*For each root certificate to be considered in your request, check the appropriate boxes in the "Root Stores Applying To" column | #*For each root certificate to be considered in your request, check the appropriate boxes in the "Root Stores Applying To" column | ||
#*For each root certificate to be considered in your request, check the boxes corresponding to the audit statements that apply. | #*For each root certificate to be considered in your request, check the boxes corresponding to the audit statements that apply. | ||
#*Then click on the 'Apply Changes' button. This will create corresponding Root Cases. | #*Then click on the 'Apply Changes' button. This will create corresponding Root Cases. | ||
'''POLICY DOCUMENTS''' | |||
# Click on the 'Update Policy Documents' button to provide current CP/CPS information. | # Click on the 'Update Policy Documents' button to provide current CP/CPS information. | ||
#* Click on the 'Help' button in the 'Add Policy Documents' page for instructions | #* Click on the 'Help' button in the 'Add Policy Documents' page for instructions | ||
#* Update existing policy document information, or add new policy documents via the 'Add Policy Document' button | #* Update existing policy document information, or add new policy documents via the 'Add Policy Document' button | ||
#* Click on the checkmark to save each set of changes before clicking on the ‘Go Back’ button to return to the Case | #* Click on the checkmark to save each set of changes before clicking on the ‘Go Back’ button to return to the Case | ||
'''TEST WEBSITES''' | |||
#Click on the ‘Edit Test Websites’ button (which may be in the button overflow – upside down triangle) to enter the test websites for new root certificates if you are requesting the Websites (TLS/SSL) trust bit. | #Click on the ‘Edit Test Websites’ button (which may be in the button overflow – upside down triangle) to enter the test websites for new root certificates if you are requesting the Websites (TLS/SSL) trust bit. | ||
#* Click on the 'Test Websites Validation' button, resolve all failures, then click on 'Re-run Validation' | #* Click on the 'Test Websites Validation' button, resolve all failures, then click on 'Re-run Validation' | ||