Confirmed users, Administrators
5,526
edits
CA:SalesforceCommunity: Difference between revisions
m
Automated Import Capability
m (Clarification about technically constrained intermediate certs) |
m (Automated Import Capability) |
||
| Line 95: | Line 95: | ||
* The "Clone" button will not copy the cert data (which is extracted from PEM data); it will only copy the other fields such as the policy documentation and audit information. | * The "Clone" button will not copy the cert data (which is extracted from PEM data); it will only copy the other fields such as the policy documentation and audit information. | ||
* PEM data must be provided for every intermediate certificate (chaining up to a root certificate in Mozilla's program) that is not [[CA:CertificatePolicyV2.1#Technical_Constraints_or_Auditing.2FDisclosure_of_Intermediate_Certificates|Technically Constrained]] via Extended Key Usage and Name Constraint settings. Policy documentation and audit statements must also be provided for these non-technically-constrained intermediate certificates, as per section 10 of [https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/inclusion/ Mozilla's CA Certificate Inclusion Policy]. | * PEM data must be provided for every intermediate certificate (chaining up to a root certificate in Mozilla's program) that is not [[CA:CertificatePolicyV2.1#Technical_Constraints_or_Auditing.2FDisclosure_of_Intermediate_Certificates|Technically Constrained]] via Extended Key Usage and Name Constraint settings. Policy documentation and audit statements must also be provided for these non-technically-constrained intermediate certificates, as per section 10 of [https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/inclusion/ Mozilla's CA Certificate Inclusion Policy]. | ||
* [[CA:SalesforceCommunity:MassImport|Automated Data Import]] is available for CAs who have a very large number of intermediate certificates to be added. | |||
=== Clone === | === Clone === | ||