Confirmed users, Administrators
5,526
edits
(Updating to remove duplication with the ccadb.org website and instructions documents) |
(Updating to remove duplication with the ccadb.org website and instructions documents) |
||
Line 27: | Line 27: | ||
# Click on the "Submit to Root Store" button. | # Click on the "Submit to Root Store" button. | ||
'''Important''': | |||
* Audit statements must meet the requirements listed in [https://www.ccadb.org/policy#51-audit-statement-content section 5.1 of the CCADB Policy] '''and''' [https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/#3-documentation in section 3 of the Mozilla Root Store Policy]. | * Audit statements must meet the requirements listed in [https://www.ccadb.org/policy#51-audit-statement-content section 5.1 of the CCADB Policy] '''and''' [https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/#3-documentation in section 3 of the Mozilla Root Store Policy]. | ||
** Also see Mozilla's [[CA/Audit_Statements#Audit_Lifecycle|audit lifecycle requirements]] | ** Also see Mozilla's [[CA/Audit_Statements#Audit_Lifecycle|audit lifecycle requirements]] | ||
Line 35: | Line 35: | ||
* If you are requesting that the Websites (TLS) trust bit be enabled for your root certificate(s), then be sure to provide the 3 test websites (valid, expired, revoked) in the TEST WEBSITES tab. | * If you are requesting that the Websites (TLS) trust bit be enabled for your root certificate(s), then be sure to provide the 3 test websites (valid, expired, revoked) in the TEST WEBSITES tab. | ||
** Click on the 'Test Websites Validation' button, resolve all failures, then click on 'Re-run Validation' | ** Click on the 'Test Websites Validation' button, resolve all failures, then click on 'Re-run Validation' | ||
* Add records to the CCADB for all existing intermediate certificates chaining up to the new root certificate(s). | |||
** https://www.ccadb.org/cas/intermediates | |||
=== Create a "Root Inclusion Request" Case === | === Create a "Root Inclusion Request" Case === | ||
After you have provided information to the CCADB about your CA organization and root certificates, you may use a "Root Inclusion Request" case to request that your root certificate(s) be included in Mozilla's root store, update trust bit settings, and/or enable EV treatment. | |||
# Create a [https://www.ccadb.org/cas/inclusion "Root Inclusion Request" Case] in the CCADB | |||
#* Detailed Instructions: [https://docs.google.com/document/d/1FHSbpNJ3CQOcpVqrj66elKQhTmpllp-IBsDovPy6cOo/edit# Create a Root Inclusion Request] | |||
#* Example: https://ccadb.my.salesforce-sites.com/mozilla/PrintViewForCase?CaseNumber=00000341 | |||
* Fill in all of the fields in the MOZILLA tab | |||
# Click on the "Submit to Root Store" button. | |||
# | |||
''' | '''Important''': | ||
* In the MOZILLA tab, click on the "Print View" button to see the data that will be shared publicly about your request. | |||
* Click on the "Get URLs" button (which may be in the button overflow – upside down triangle) and copy the line that begins with “Mozilla Root Inclusion Case Information:” into a Comment in [[CA/Application_Instructions#Create_Root_Inclusion.2FUpdate_Request|your Bugzilla Bug]]. The line to copy and paste into the Bugzilla Bug looks like: | |||
**Mozilla Root Inclusion Case Information: https://ccadb.my.salesforce-sites.com/mozilla/PrintViewForCase?CaseNumber=00000341 | |||
* Whenever you update data in your Root Inclusion Case in the CCADB, be sure to [[CA/Application_Instructions#Create_Root_Inclusion.2FUpdate_Request|add a comment to your Bugzilla Bug]] to let folks know to re-check the information.''' | |||
* | |||
== CA Primary Point of Contact (POC) == | == CA Primary Point of Contact (POC) == |