Confirmed users, Administrators
5,526
edits
Line 6: | Line 6: | ||
= EV-Readiness Check = | = EV-Readiness Check = | ||
To test your CA hierarchy to see if it is ready | To test your CA hierarchy to see if it is ready to request EV treatment: | ||
# Browse to http://cert-checker.allizom.org/ | # Browse to http://cert-checker.allizom.org/ | ||
# Enter the URL to the test website for the EV certificate | # Enter the URL to the test website for the EV certificate | ||
# Enter the PEM file for the root certificate (ending of file may be .pem or .cert) | # Enter the PEM file for the root certificate (ending of file may be .pem or .cert) | ||
# Enter the EV Policy OID | # Enter the EV Policy OID | ||
# The Description | # The Description, e.g. "CA Name EV OID" | ||
# Click on Run Checker | # Click on "Run Checker" | ||
A successful output will have the following form, as documented in [https://mxr.mozilla.org/mozilla-central/source/security/certverifier/ExtendedValidation.cpp ExtendedValidation.cpp] | A successful output will have the following form, as documented in [https://mxr.mozilla.org/mozilla-central/source/security/certverifier/ExtendedValidation.cpp ExtendedValidation.cpp] | ||
{| | |||
|- | |||
! !! !! | |||
|- | |||
| || // CN=<CN of root cert>,OU=<OU of root cert>,O=<O of root cert>C=<C of root cert> || | |||
|- | |||
| || "1.3.6.1.4.1.13769.9.1", || //EV Policy OID | |||
|- | |||
| || "CA Name EV OID", || //From Description field | |||
|- | |||
| || SEC_OID_UNKNOWN, || | |||
|- | |||
| || { 0x2D, 0x94, 0x52, 0x70, 0xAA, 0x92, 0x13, 0x0B, 0x1F, 0xB1, 0x24, || //SHA-256 fingerprint | |||
|- | |||
| || 0x0B, 0x24, 0xB1, 0xEE, 0x4E, 0xFB, 0x7C, 0x43, 0x45, 0x45, 0x7F, || | |||
|- | |||
| || 0x97, 0x6C, 0x90, 0xBF, 0xD4, 0x8A, 0x04, 0x79, 0xE4, 0x68 }, || | |||
|- | |||
| || "MIGnMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExFjAUBgNVBAcMDU1vdW50YWlu"|| //Issuer DER Base64 | |||
|- | |||
| || "IFZpZXcxIzAhBgNVBAoMGk1vemlsbGEgLSBFViBkZWJ1ZyB0ZXN0IENBMR0wGwYD" || | |||
|- | |||
| || "VGVzdGluZyAodW50cnVzdHdvcnRoeSkgQ0E=",|| | |||
|- | |||
| || "At+3zdo=", || //Serial DER Base64 | |||
|- | |||
| || Success! || | |||
|- | |||
|} | |||
= OLD -- Overview = | = OLD -- Overview = |