CA/Intermediate Certificates: Difference between revisions
< CA
Jump to navigation
Jump to search
No edit summary |
m (Added link to included CAs page) |
||
| Line 1: | Line 1: | ||
= Intermediate Certificates = | = Intermediate Certificates = | ||
CAs are required to provide the data for all of their [[CA:SalesforceCommunity#Which_intermediate_certificate_data_should_CAs_add_to_Salesforce.3F|publicly disclosed and audited intermediate certificates]] which chain up to root certificates in Mozilla's program. They do this using the [[CA:SalesforceCommunity|CCADB]]. | [[CA/Included_Certificates|CAs]] are required to provide the data for all of their [[CA:SalesforceCommunity#Which_intermediate_certificate_data_should_CAs_add_to_Salesforce.3F|publicly disclosed and audited intermediate certificates]] which chain up to root certificates in Mozilla's program. They do this using the [[CA:SalesforceCommunity|CCADB]]. | ||
The following reports are '''generated once per day''' and include valid intermediates and expired intermediates but not revoked intermediates: | The following reports are '''generated once per day''' and include valid intermediates and expired intermediates but not revoked intermediates: | ||
Revision as of 19:27, 4 May 2017
Intermediate Certificates
CAs are required to provide the data for all of their publicly disclosed and audited intermediate certificates which chain up to root certificates in Mozilla's program. They do this using the CCADB.
The following reports are generated once per day and include valid intermediates and expired intermediates but not revoked intermediates:
- Intermediate CA Certificates (HTML)
- Intermediate CA Certificates (CSV)
- Intermediate CA Certificates (CSV with PEM of raw certificate data)
The following reports list revoked intermediates:
- Revoked Intermediate CA Certificates (HTML)
- Revoked Intermediate CA Certificates (CSV)
- Revoked Intermediate CA Certificates (CSV with PEM of raw certificate data)
Firefox (version 37 and later) uses the OneCRL system, which pushes a list of revoked certificates to the browser. It includes (or should include) all the revoked intermediates in the above report.