Confirmed users, Administrators
5,526
edits
CA:SalesforceCommunity: Difference between revisions
Jump to navigation
Jump to search
→Data that CAs can Add/Modify
| Line 50: | Line 50: | ||
= Data that CAs can Add/Modify = | = Data that CAs can Add/Modify = | ||
With a Salesforce CA Community license, CAs can view root and intermediate certificate data for all of the CAs in Salesforce. | With a Salesforce CA Community license, CAs can view root and intermediate certificate data for all of the CAs in Salesforce. | ||
* CAs '''can''' modify: | * CAs '''can''' modify records for: | ||
** [[CA:SalesforceCommunity#Add_Intermediate_Certificate_Data_to_Salesforce| | ** [[CA:SalesforceCommunity#Add_Intermediate_Certificate_Data_to_Salesforce| Intermediate certificate data]] chaining up to the root certificates that they own | ||
* CAs '''cannot''' modify: | * CAs '''cannot''' modify records for: | ||
** | ** Root certificate data | ||
** | ** Intermediate certificate data chaining up to root certificates that they do not own | ||
Which intermediate certificate data should CAs add to Salesforce? | |||
* CAs '''must''' add records for: | |||
** Every intermediate certificate (chaining up to a root certificate in Mozilla's program) that is not [[CA:CertificatePolicyV2.1#Technical_Constraints_or_Auditing.2FDisclosure_of_Intermediate_Certificates|Technically Constrained]] via Extended Key Usage and Name Constraint settings. | |||
** Revoked intermediate certificates that [[CA:ImprovingRevocation#When_To_Notify_Mozilla|should be added to OneCRL]] | |||
* CAs do '''not''' need to add records for: | |||
** Expired intermediate certificates | |||
** Revoked intermediate certificates that [[CA:ImprovingRevocation#When_To_Notify_Mozilla|do not need to be added to OneCRL]] | |||
== Add Intermediate Certificate Data to Salesforce == | == Add Intermediate Certificate Data to Salesforce == | ||