PSM:EV Testing Easy Version: Difference between revisions

PSM:EV Testing Easy Version (view source)

Revision as of 22:36, 22 September 2014

644 bytes added , 22 September 2014

→‎EV-Readiness Check

Kathleen Wilson

Confirmed users, Administrators

5,526

edits

@@ Line 6: / Line 6: @@
 = EV-Readiness Check =
-To test your CA hierarchy to see if it is ready for EV treatment:
+To test your CA hierarchy to see if it is ready to request EV treatment:
-# [https://support.mozilla.org/en-US/kb/profile-manager-create-and-remove-firefox-profiles#w_creating-a-profile Create a new Firefox profile]
-# Open Firefox with your new profile
 # Browse to http://cert-checker.allizom.org/
 # Enter the URL to the test website for the EV certificate
 # Enter the PEM file for the root certificate (ending of file may be .pem or .cert)
 # Enter the EV Policy OID
-# The Description field is optional
+# The Description, e.g. "CA Name EV OID"
-# Click on Run Checker
+# Click on "Run Checker"
 A successful output will have the following form, as documented in [https://mxr.mozilla.org/mozilla-central/source/security/certverifier/ExtendedValidation.cpp ExtendedValidation.cpp]
-*
+{|
+|-
+!    !!    !!
+|-
+|  || // CN=<CN of root cert>,OU=<OU of root cert>,O=<O of root cert>C=<C of root cert> ||
+|-
+|  || "1.3.6.1.4.1.13769.9.1", || //EV Policy OID
+|-
+|  || "CA Name EV OID", || //From Description field
+|-
+|  || SEC_OID_UNKNOWN, ||
+|-
+|  || { 0x2D, 0x94, 0x52, 0x70, 0xAA, 0x92, 0x13, 0x0B, 0x1F, 0xB1, 0x24, || //SHA-256 fingerprint
+|-
+|  || 0x0B, 0x24, 0xB1, 0xEE, 0x4E, 0xFB, 0x7C, 0x43, 0x45, 0x45, 0x7F, ||
+|-
+|  || 0x97, 0x6C, 0x90, 0xBF, 0xD4, 0x8A, 0x04, 0x79, 0xE4, 0x68 }, ||
+|-
+|  || "MIGnMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExFjAUBgNVBAcMDU1vdW50YWlu"|| //Issuer DER Base64
+|-
+|  || "IFZpZXcxIzAhBgNVBAoMGk1vemlsbGEgLSBFViBkZWJ1ZyB0ZXN0IENBMR0wGwYD" ||
+|-
+|  ||  "VGVzdGluZyAodW50cnVzdHdvcnRoeSkgQ0E=",||
+|-
+|  || "At+3zdo=", || //Serial DER Base64
+|-
+|  || Success! ||
+|-
+|}
 = OLD -- Overview =