Dear Request Tracker,
As an enhancement, I would like to ensure that the default OpenSSL root store contains the latest GlobalSign roots. As follows:- If you have any questions, please let me know. GlobalSign Root CA R1 The root is primarily suitable for Server and Client Authentication, Secure e-mail, Code Signing and Timestamping, however the root itself is marked for all issuance policies and therefore can also be used for OCSP, Encrypting File System, IP Sec (Tunnel, User) and CA Encryption Certificate purposes. All legal documents are located in the repository. <http://www.globalsign.com/repository/index.cfm> http://www.globalsign.com/repository/index.cfm. Key extensions • basicConstraints: CA: true • keyUsage: keyCertSign, cRLSign Example SSL/TLS certificate <https://secure.globalsign.net> https://secure.globalsign.net (Please use IE 6.0 or below as IE 7.0 will highlight the newer R2 root – See the next page) Subject DN CN = GlobalSign Root CA OU = Root CA O = GlobalSign nv-sa C = BE Serial Number 04 00 00 00 00 01 15 4b 5a c3 94 Subject KeyID 60 7b 66 1a 45 0d 97 ca 89 50 2f 7d 04 cd 34 a8 ff fc fd 4b Validity time Valid from : 01 September 1998 12:00:00 Valid to : 28 January 2028 12:00:00 Fingerprints SHA1 = B1:BC:96:8B:D4:F4:9D:62:2A:A8:9A:81:F2:15:01:52:A4:1D:82:9C MD5 = 3E:45:52:15:09:51:92:E1:B7:5D:37:9F:B1:87:29:8A URI to online CRL repository <http://crl.globalsign.net/Root.crl> http://crl.globalsign.net/Root.crl URI to online location of the root <http://secure.globalsign.net/cacert/Root-R1.crt> http://secure.globalsign.net/cacert/Root-R1.crt GlobalSign Root CA R2 The root is primarily suitable for Server and Client Authentication, Secure e-mail, Code Signing and Timestamping, however the root itself is marked for all issuance policies and therefore can also be used for OCSP, Encrypting File System, IP Sec (Tunnel, User) and CA Encryption Certificate purposes. All legal documents are located in the repository. <http://www.globalsign.com/repository/index.cfm> http://www.globalsign.com/repository/index.cfm Key extensions • basicConstraints: CA: true • keyUsage: keyCertSign, cRLSign Example SSL/TLS certificate <https://secure.globalsign.net> https://secure.globalsign.net (Please use IE 7 on XP with auto update enabled or IE 7 on Vista) Certificate File Information GlobalSign Root CA R2 (2021) DER.cer Subject DN CN = GlobalSign O = GlobalSign OU = GlobalSign Root CA - R2 Subject KeyID 9b e2 07 57 67 1c 1e c0 6a 06 de 59 b4 9a 2d df dc 19 86 2e Serial Number 04 00 00 00 00 01 0f 86 26 e6 0d Validity time Valid from : 15 December 2006 08:00:00 Valid to : 15 December 2021 08:00:00 Fingerprints SHA1 = 75:E0:AB:B6:13:85:12:27:1C:04:F8:5F:DD:DE:38:E4:B7:24:2E:FE MD5 = 94:14:77:7E:3E:5E:FD:8F:30:BD:41:B0:CF:E7:D0:30 URI to online CRL repository <http://crl.globalsign.net/Root-r2.crl> http://crl.globalsign.net/Root-r2.crl URI to online location of the root <http://secure.globalsign.net/cacert/Root-R2.crt> http://secure.globalsign.net/cacert/Root-R2.crt Kind Regards, Steve Roylance Business Development Director +44 (0) 1270 873942 - direct +44 (0) 7971 597827 - mobile <mailto:[EMAIL PROTECTED]> [EMAIL PROTECTED] <http://www.globalsign.com> www.globalsign.com signature GlobalSign Ltd, 6 Kings Row, Armstrong Road, Maidstone, Kent, ME15 6AQ, UK. Tel: +44 1622 766766 Fax: +44 1622 662255 Company Registration No. 04705639. Registered in England & Wales.
|
Dear Request Tracker, As an enhancement, I would like to ensure that the default OpenSSL
root store contains the latest GlobalSign roots. As follows:- If you have any questions, please let me know. GlobalSign
Root CA R1 The root is
primarily suitable for Server and Client Authentication, Secure e-mail, Code
Signing and Timestamping, however the root itself is marked for all issuance
policies and therefore can also be used for OCSP, Encrypting File System, IP
Sec (Tunnel, User) and CA Encryption Certificate purposes. All legal
documents are located in the repository. http://www.globalsign.com/repository/index.cfm. Key
extensions • basicConstraints:
CA: true • keyUsage:
keyCertSign, cRLSign Example
SSL/TLS certificate https://secure.globalsign.net (Please use IE 6.0 or
below as IE 7.0 will highlight the newer R2 root – See the next page) Subject DN CN = GlobalSign
Root CA OU = Root CA O =
GlobalSign nv-sa C = BE Serial
Number 04 00
00 00 00 01 15 4b 5a c3 94 Subject
KeyID 60 7b
66 1a 45 0d 97 ca 89 50 2f 7d 04 cd 34 a8 ff fc fd 4b Validity
time Valid from :
01 September 1998 12:00:00 Valid to :
28 January 2028 12:00:00 Fingerprints SHA1 =
B1:BC:96:8B:D4:F4:9D:62:2A:A8:9A:81:F2:15:01:52:A4:1D:82:9C MD5 =
3E:45:52:15:09:51:92:E1:B7:5D:37:9F:B1:87:29:8A URI to
online CRL repository http://crl.globalsign.net/Root.crl URI to
online location of the root http://secure.globalsign.net/cacert/Root-R1.crt GlobalSign
Root CA R2 The root is
primarily suitable for Server and Client Authentication, Secure e-mail, Code
Signing and Timestamping, however the root itself is marked for all issuance
policies and therefore can also be used for OCSP, Encrypting File System, IP
Sec (Tunnel, User) and CA Encryption Certificate purposes. All legal
documents are located in the repository. http://www.globalsign.com/repository/index.cfm Key
extensions • basicConstraints:
CA: true • keyUsage:
keyCertSign, cRLSign Example
SSL/TLS certificate https://secure.globalsign.net (Please use IE 7 on XP
with auto update enabled or IE 7 on Vista) Certificate
File Information GlobalSign
Root CA R2 (2021) DER.cer Subject DN CN =
GlobalSign O =
GlobalSign OU =
GlobalSign Root CA - R2 Subject
KeyID 9b e2 07 57
67 1c 1e c0 6a 06 de 59 b4 9a 2d df dc 19 86 2e Serial
Number 04 00
00 00 00 01 0f 86 26 e6 0d Validity
time Valid from :
15 December 2006 08:00:00 Valid to :
15 December 2021 08:00:00 Fingerprints SHA1 =
75:E0:AB:B6:13:85:12:27:1C:04:F8:5F:DD:DE:38:E4:B7:24:2E:FE MD5 =
94:14:77:7E:3E:5E:FD:8F:30:BD:41:B0:CF:E7:D0:30 URI to
online CRL repository http://crl.globalsign.net/Root-r2.crl URI to
online location of the root http://secure.globalsign.net/cacert/Root-R2.crt Kind Regards, Steve Roylance Business Development Director +44 (0) 1270 873942 -
direct +44 (0) 7971 597827 - mobile GlobalSign Ltd,
6 Kings Row, Armstrong Road, Maidstone, Kent, ME15 6AQ, UK. Tel: +44 1622
766766 Fax: +44 1622 662255 Company
Registration No. 04705639. Registered in England & Wales. |
<<inline: image001.gif>>
