We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Cerca nel supporto

Attenzione alle mail truffa. Mozilla non chiederà mai di chiamare o mandare messaggi a un numero di telefono o di inviare dati personali. Segnalare qualsiasi attività sospetta utilizzando l'opzione “Segnala abuso”.

Ulteriori informazioni

Inquiry Regarding Removal of Certificates with Specific SHA1 Fingerprints

more options

Dear Mozilla Firefox Team,

I hope this message finds you well.

I am writing to inquire about the removal of the following SSL/TLS certificates from Firefox's trusted certificate store. These certificates are identified by the following SHA1 fingerprints:

SHA1 Fingerprint: ff:bd:cd:e7:82:c8:43:5e:3c:6f:26:86:5c:ca:a8:3a:45:5b:c3:0a SHA1 Fingerprint: b8:be:6d:cb:56:f1:55:b9:63:d4:12:ca:4e:06:34:c7:94:b2:1c SHA1 Fingerprint: 58:d1:df:95:95:67:6b:63:c0:f0:5b:1c:17:4d:8b:84:0b:c8:78 SHA1 Fingerprint: e9:a8:5d:22:14:52:1c:5b:aa:0a:b4:be:24:6a:23:8a:c9:ba:e2 SHA1 Fingerprint: 8a:2f:af:57:53:b1:b0:e6:a1:04:ec:5b:6a:69:71:6d:f6:1c:e2:84 SHA1 Fingerprint: ae:c5:fb:3f:c8:e1:bf:c4:e5:4f:03:07:5a:9a:e8:00:b7:f7:b6 Could you kindly provide clarification as to why these specific certificates were removed? Understanding the rationale behind this decision will help us assess any potential impact on our systems and ensure that we are adhering to the best practices for security.

Thank you in advance for your attention to this matter. I look forward to your response.

Best regards, Vamsi [edited email from public]

Dear Mozilla Firefox Team, I hope this message finds you well. I am writing to inquire about the removal of the following SSL/TLS certificates from Firefox's trusted certificate store. These certificates are identified by the following SHA1 fingerprints: SHA1 Fingerprint: ff:bd:cd:e7:82:c8:43:5e:3c:6f:26:86:5c:ca:a8:3a:45:5b:c3:0a SHA1 Fingerprint: b8:be:6d:cb:56:f1:55:b9:63:d4:12:ca:4e:06:34:c7:94:b2:1c SHA1 Fingerprint: 58:d1:df:95:95:67:6b:63:c0:f0:5b:1c:17:4d:8b:84:0b:c8:78 SHA1 Fingerprint: e9:a8:5d:22:14:52:1c:5b:aa:0a:b4:be:24:6a:23:8a:c9:ba:e2 SHA1 Fingerprint: 8a:2f:af:57:53:b1:b0:e6:a1:04:ec:5b:6a:69:71:6d:f6:1c:e2:84 SHA1 Fingerprint: ae:c5:fb:3f:c8:e1:bf:c4:e5:4f:03:07:5a:9a:e8:00:b7:f7:b6 Could you kindly provide clarification as to why these specific certificates were removed? Understanding the rationale behind this decision will help us assess any potential impact on our systems and ensure that we are adhering to the best practices for security. Thank you in advance for your attention to this matter. I look forward to your response. Best regards, Vamsi [edited email from public]

Modificato da James il

Tutte le risposte (2)

more options

Who validates SSL/TLS certificates?

A certificate authority (CA) is an organization that sells SSL/TLS certificates to web owners, web hosting companies, or businesses. The CA validates the domain and owner details before issuing the SSL/TLS certificate. To be a CA, an organization must meet specific requirements set by the operating system, browsers, or mobile devices company and apply to be listed as a root certificate authority. This is important to establish trust amongst internet users. For example, Amazon Trust Services is a certificate authority and can issue SSL/TLS certificates to websites.

You should check with the CA about your issues.

È stato utile?

more options

Hi Vamsi, your question is beyond the scope for this support forum, but here are some resources to pursue an answer to your question:

(1) Root Certificate policy

https://www.mozilla.org/about/governance/policies/security-group/certs/policy/

(2) Mailing list

https://groups.google.com/a/mozilla.org/g/dev-security-policy

È stato utile?

Richiedi supporto

Bisogna accedere al proprio account per rispondere nelle discussioni. Se non si possiede ancora un account, inserire una nuova richiesta.