Accountapprovers, antispam, confirm, emeritus
4,925
edits
Changes
Move included CAs to their own page
The Mozilla CA Certificate Program's list of included root certificates is stored in a file called [https://hg.mozilla.org/mozilla-central/raw-file/tip/security/nss/lib/ckfw/builtins/certdata.txt certdata.txt] in the Mozilla source code management system.
If you are '''choosing a CA to provide a certificate for your website''', we have a list of [https://ccadb-public.secure.force.com/mozilla/CACertificatesInFirefoxReport all CAs root certificates that Firefox trusts for SSL/TLS], together with contact information and geographical focus for each the owning CA.
If you are '''embedding our root store''', you need to know that we have imposed some restrictions that on certain CAs or certificates which are not encoded in certdata.txt. These are [[CA/Additional_Trust_Changes|documented]] on a best-efforts basis.
* [https://ccadb-public.secure.force.com/mozilla/IncludedCACertificateReport Included CA Certificates] (HTML)
* [https://ccadb-public.secure.force.com/mozilla/IncludedCACertificateReportCSVFormat Included CA Certificates] (CSV)
* [https://ccadb-public.secure.force.com/mozilla/IncludedCACertificateReportPEMCSV Included CA Certificates] (CSV with PEM of raw certificate data)
