搜尋 Mozilla 技術支援網站

防止技術支援詐騙。我們絕對不會要求您撥打電話或發送簡訊,或是提供個人資訊。請用「回報濫用」功能回報可疑的行為。

了解更多

What are the precedural requirements for a certification authority to trust its certificate by firefoxfox?

  • 7 回覆
  • 3 有這個問題
  • 11 次檢視
  • 最近回覆由 cor-el

more options

Dear Sir,

I am a staff from a Certification Authority that is situated in Asia Region. As our CA is new, we would like to know the steps and procedures to import our Root CA certificates into the Firefox browser.

With Regards,

Dear Sir, I am a staff from a Certification Authority that is situated in Asia Region. As our CA is new, we would like to know the steps and procedures to import our Root CA certificates into the Firefox browser. With Regards,

所有回覆 (7)

more options

I think this is a legal issue that I'm not able to cover well.

As I see, these are the certificates trusted by Firefox: http://www.mozilla.org/projects/security/certs/included/

The best thing you may do is contact the Firefox staff and ask them for help.

Remember you need to certificate that your CA meets all the standards and specifications and certifies only trusted non-malware websites.

more options

Thanks in advance. If you know the contact e-mail address of firefox support team or legal administration, please share us cause we are still finding how to contact firefox.

With Regards,

more options

I think you will need to get to one of the Mozilla Foundation offices and ask personally for help. Here you can find where are those offices. Firefox - Contact us

more options

Yes, I see. Thanks for the information. Regards.

more options
more options

The above information is very useful for me. In fact, the problem is the SSL certificate which is sold from our CA is untrust because of our RootCa which is not included in firefox trust store. What i want to know is "Is that possible that our CA is cross with Other RootCA that is included in Firefox trust store. "

if it is possible, could you please share me knowledge?

With Regards

more options

See also:

If your root certificate chains to a recognized build-in root certificate then you need to send it as part of the certificate chain.
If it is self signed then it only works if users would install the root certificate.