diff --git a/cmd/addbuiltin/addbuiltin.c b/cmd/addbuiltin/addbuiltin.c
--- a/cmd/addbuiltin/addbuiltin.c
+++ b/cmd/addbuiltin/addbuiltin.c
@@ -26,16 +26,39 @@ dumpbytes(unsigned char *buf, int len)
if ((i != 0) && ((i & 0xf) == 0)) {
printf("\n");
}
printf("\\%03o", buf[i]);
}
printf("\n");
}
+int
+hasPositiveTrust(unsigned int trust)
+{
+ if (trust & CERTDB_TRUSTED) {
+ if (trust & CERTDB_TRUSTED_CA) {
+ return PR_TRUE;
+ } else {
+ return PR_FALSE;
+ }
+ } else {
+ if (trust & CERTDB_TRUSTED_CA) {
+ return PR_TRUE;
+ } else if (trust & CERTDB_VALID_CA) {
+ return PR_TRUE;
+ } else if (trust & CERTDB_TERMINAL_RECORD) {
+ return PR_FALSE;
+ } else {
+ return PR_FALSE;
+ }
+ }
+ return PR_FALSE;
+}
+
char *
getTrustString(unsigned int trust)
{
if (trust & CERTDB_TRUSTED) {
if (trust & CERTDB_TRUSTED_CA) {
return "CKT_NSS_TRUSTED_DELEGATOR";
} else {
return "CKT_NSS_TRUSTED";
@@ -197,16 +220,21 @@ ConvertCertificate(SECItem *sdder, char
dumpbytes(cert->derIssuer.data, cert->derIssuer.len);
printf("END\n");
printf("CKA_SERIAL_NUMBER MULTILINE_OCTAL\n");
dumpbytes(serial->data, serial->len);
printf("END\n");
printf("CKA_VALUE MULTILINE_OCTAL\n");
dumpbytes(sdder->data, sdder->len);
printf("END\n");
+ if (hasPositiveTrust(trust->sslFlags) ||
+ hasPositiveTrust(trust->emailFlags) ||
+ hasPositiveTrust(trust->objectSigningFlags)) {
+ printf("CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE\n");
+ }
}
if ((trust->sslFlags | trust->emailFlags | trust->objectSigningFlags) ==
CERTDB_TERMINAL_RECORD)
trust_info = "Distrust";
else
trust_info = "Trust for";
diff --git a/cmd/lib/secutil.c b/cmd/lib/secutil.c
--- a/cmd/lib/secutil.c
+++ b/cmd/lib/secutil.c
@@ -27,17 +27,17 @@
#include <unistd.h>
#endif
/* for SEC_TraverseNames */
#include "cert.h"
#include "certt.h"
#include "certdb.h"
-/* #include "secmod.h" */
+#include "secmod.h"
#include "pk11func.h"
#include "secoid.h"
static char consoleName[] = {
#ifdef XP_UNIX
"/dev/tty"
#else
#ifdef XP_OS2
@@ -3224,25 +3224,58 @@ SECU_PrintSignedContent(FILE *out, SECIt
SECStatus
SEC_PrintCertificateAndTrust(CERTCertificate *cert,
const char *label,
CERTCertTrust *trust)
{
SECStatus rv;
SECItem data;
CERTCertTrust certTrust;
+ PK11SlotList *slotList;
+ PRBool falseAttributeFound = PR_FALSE;
+ PRBool trueAttributeFound = PR_FALSE;
+ const char *moz_policy_ca_info = NULL;
data.data = cert->derCert.data;
data.len = cert->derCert.len;
rv = SECU_PrintSignedData(stdout, &data, label, 0,
(SECU_PPFunc)SECU_PrintCertificate);
if (rv) {
return (SECFailure);
}
+
+ slotList = PK11_GetAllSlotsForCert(cert, NULL);
+ if (slotList) {
+ PK11SlotListElement *se = PK11_GetFirstSafe(slotList);
+ for (; se; se = PK11_GetNextSafe(slotList, se, PR_FALSE)) {
+ CK_OBJECT_HANDLE handle = PK11_FindCertInSlot(se->slot, cert, NULL);
+ if (handle != CK_INVALID_HANDLE) {
+ PORT_SetError(0);
+ if (PK11_HasAttributeSet(se->slot, handle,
+ CKA_NSS_MOZILLA_CA_POLICY, PR_FALSE)) {
+ trueAttributeFound = PR_TRUE;
+ } else if (!PORT_GetError()) {
+ falseAttributeFound = PR_TRUE;
+ }
+ }
+ }
+ PK11_FreeSlotList(slotList);
+ }
+
+ if (trueAttributeFound) {
+ moz_policy_ca_info = "true (attribute present)";
+ } else if (falseAttributeFound) {
+ moz_policy_ca_info = "false (attribute present)";
+ } else {
+ moz_policy_ca_info = "false (attribute missing)";
+ }
+ SECU_Indent(stdout, 1);
+ printf("Mozilla-CA-Policy: %s\n", moz_policy_ca_info);
+
if (trust) {
SECU_PrintTrustFlags(stdout, trust,
"Certificate Trust Flags", 1);
} else if (CERT_GetCertTrust(cert, &certTrust) == SECSuccess) {
SECU_PrintTrustFlags(stdout, &certTrust,
"Certificate Trust Flags", 1);
}
diff --git a/lib/ckfw/builtins/certdata.txt b/lib/ckfw/builtins/certdata.txt
--- a/lib/ckfw/builtins/certdata.txt
+++ b/lib/ckfw/builtins/certdata.txt
@@ -186,16 +186,17 @@
\034\161\142\356\312\310\227\254\027\135\212\302\370\107\206\156
\052\304\126\061\225\320\147\211\205\053\371\154\246\135\106\235
\014\252\202\344\231\121\335\160\267\333\126\075\141\344\152\341
\134\326\366\376\075\336\101\314\007\256\143\122\277\123\123\364
\053\351\307\375\266\367\202\137\205\322\101\030\333\201\263\004
\034\305\037\244\200\157\025\040\311\336\014\210\012\035\326\146
\125\342\374\110\311\051\046\151\340
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "GlobalSign Root CA"
# Issuer: CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE
# Serial Number:04:00:00:00:00:01:15:4b:5a:c3:94
# Subject: CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE
# Not Valid Before: Tue Sep 01 12:00:00 1998
# Not Valid After : Fri Jan 28 12:00:00 2028
# Fingerprint (MD5): 3E:45:52:15:09:51:92:E1:B7:5D:37:9F:B1:87:29:8A
@@ -319,16 +320,17 @@
\176\273\363\171\030\221\273\364\157\235\301\360\214\065\214\135
\001\373\303\155\271\357\104\155\171\106\061\176\012\376\251\202
\301\377\357\253\156\040\304\120\311\137\235\115\233\027\214\014
\345\001\311\240\101\152\163\123\372\245\120\264\156\045\017\373
\114\030\364\375\122\331\216\151\261\350\021\017\336\210\330\373
\035\111\367\252\336\225\317\040\170\302\140\022\333\045\100\214
\152\374\176\102\070\100\144\022\367\236\201\341\223\056
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "GlobalSign Root CA - R2"
# Issuer: CN=GlobalSign,O=GlobalSign,OU=GlobalSign Root CA - R2
# Serial Number:04:00:00:00:00:01:0f:86:26:e6:0d
# Subject: CN=GlobalSign,O=GlobalSign,OU=GlobalSign Root CA - R2
# Not Valid Before: Fri Dec 15 08:00:00 2006
# Not Valid After : Wed Dec 15 08:00:00 2021
# Fingerprint (MD5): 94:14:77:7E:3E:5E:FD:8F:30:BD:41:B0:CF:E7:D0:30
@@ -474,16 +476,17 @@
\114\015\046\145\342\104\200\036\307\237\343\335\350\012\332\354
\245\040\200\151\150\241\117\176\341\153\317\007\101\372\203\216
\274\070\335\260\056\021\261\153\262\102\314\232\274\371\110\042
\171\112\031\017\262\034\076\040\164\331\152\303\276\362\050\170
\023\126\171\117\155\120\352\033\260\265\127\261\067\146\130\043
\363\334\017\337\012\207\304\357\206\005\325\070\024\140\231\243
\113\336\006\226\161\054\362\333\266\037\244\357\077\356
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Verisign Class 1 Public Primary Certification Authority - G3"
# Issuer: CN=VeriSign Class 1 Public Primary Certification Authority - G3,OU="(c) 1999 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
# Serial Number:00:8b:5b:75:56:84:54:85:0b:00:cf:af:38:48:ce:b1:a4
# Subject: CN=VeriSign Class 1 Public Primary Certification Authority - G3,OU="(c) 1999 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
# Not Valid Before: Fri Oct 01 00:00:00 1999
# Not Valid After : Wed Jul 16 23:59:59 2036
# Fingerprint (MD5): B1:47:BC:18:57:D1:18:A0:78:2D:EC:71:E8:2A:95:73
@@ -638,16 +641,17 @@
\301\062\163\042\041\213\130\201\173\025\221\172\272\343\144\110
\260\177\373\066\045\332\225\320\361\044\024\027\335\030\200\153
\106\043\071\124\365\216\142\011\004\035\224\220\246\233\346\045
\342\102\105\252\270\220\255\276\010\217\251\013\102\030\224\317
\162\071\341\261\103\340\050\317\267\347\132\154\023\153\111\263
\377\343\030\174\211\213\063\135\254\063\327\247\371\332\072\125
\311\130\020\371\252\357\132\266\317\113\113\337\052
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Verisign Class 2 Public Primary Certification Authority - G3"
# Issuer: CN=VeriSign Class 2 Public Primary Certification Authority - G3,OU="(c) 1999 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
# Serial Number:61:70:cb:49:8c:5f:98:45:29:e7:b0:a6:d9:50:5b:7a
# Subject: CN=VeriSign Class 2 Public Primary Certification Authority - G3,OU="(c) 1999 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
# Not Valid Before: Fri Oct 01 00:00:00 1999
# Not Valid After : Wed Jul 16 23:59:59 2036
# Fingerprint (MD5): F8:BE:C4:63:22:C9:A8:46:74:8B:B8:1D:1E:4A:2B:F6
@@ -802,16 +806,17 @@
\022\032\022\150\270\373\146\231\024\024\105\134\256\347\256\151
\027\201\053\132\067\311\136\052\364\306\342\241\134\124\233\246
\124\000\317\360\361\301\307\230\060\032\073\066\026\333\243\156
\352\375\255\262\302\332\357\002\107\023\212\300\361\263\061\255
\117\034\341\117\234\257\017\014\235\367\170\015\330\364\065\126
\200\332\267\155\027\217\235\036\201\144\341\376\305\105\272\255
\153\271\012\172\116\117\113\204\356\113\361\175\335\021
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Verisign Class 3 Public Primary Certification Authority - G3"
# Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G3,OU="(c) 1999 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
# Serial Number:00:9b:7e:06:49:a3:3e:62:b9:d5:ee:90:48:71:29:ef:57
# Subject: CN=VeriSign Class 3 Public Primary Certification Authority - G3,OU="(c) 1999 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
# Not Valid Before: Fri Oct 01 00:00:00 1999
# Not Valid After : Wed Jul 16 23:59:59 2036
# Fingerprint (MD5): CD:68:B6:A7:C7:C4:CE:75:E0:1D:4F:57:44:61:92:09
@@ -1076,16 +1081,17 @@
\273\377\043\357\150\031\313\022\223\047\134\003\055\157\060\320
\036\266\032\254\336\132\367\321\252\250\047\246\376\171\201\304
\171\231\063\127\272\022\260\251\340\102\154\223\312\126\336\376
\155\204\013\010\213\176\215\352\327\230\041\306\363\347\074\171
\057\136\234\321\114\025\215\341\354\042\067\314\232\103\013\227
\334\200\220\215\263\147\233\157\110\010\025\126\317\277\361\053
\174\136\232\166\351\131\220\305\174\203\065\021\145\121
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "Entrust.net Premium 2048 Secure Server CA"
# Issuer: CN=Entrust.net Certification Authority (2048),OU=(c) 1999 Entrust.net Limited,OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.),O=Entrust.net
# Serial Number: 946069240 (0x3863def8)
# Subject: CN=Entrust.net Certification Authority (2048),OU=(c) 1999 Entrust.net Limited,OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.),O=Entrust.net
# Not Valid Before: Fri Dec 24 17:50:51 1999
# Not Valid After : Tue Jul 24 14:15:12 2029
# Fingerprint (MD5): EE:29:31:BC:32:7E:9A:E6:E8:B5:F7:51:B4:34:71:90
@@ -1213,16 +1219,17 @@
\056\310\244\236\116\010\024\113\155\375\160\155\153\032\143\275
\144\346\037\267\316\360\362\237\056\273\033\267\362\120\210\163
\222\302\342\343\026\215\232\062\002\253\216\030\335\351\020\021
\356\176\065\253\220\257\076\060\224\172\320\063\075\247\145\017
\365\374\216\236\142\317\107\104\054\001\135\273\035\265\062\322
\107\322\070\056\320\376\201\334\062\152\036\265\356\074\325\374
\347\201\035\031\303\044\102\352\143\071\251
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Baltimore CyberTrust Root"
# Issuer: CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE
# Serial Number: 33554617 (0x20000b9)
# Subject: CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE
# Not Valid Before: Fri May 12 18:46:00 2000
# Not Valid After : Mon May 12 23:59:00 2025
# Fingerprint (MD5): AC:B6:94:A5:9C:17:E0:D7:91:52:9B:B1:97:06:A6:E4
@@ -1356,16 +1363,17 @@
\213\375\273\034\126\066\362\376\262\266\345\166\273\325\042\145
\247\077\376\321\146\255\013\274\153\231\206\357\077\175\363\030
\062\312\173\306\343\253\144\106\225\370\046\151\331\125\203\173
\054\226\007\377\131\054\104\243\306\345\351\251\334\241\143\200
\132\041\136\041\317\123\124\360\272\157\211\333\250\252\225\317
\213\343\161\314\036\033\040\104\010\300\172\266\100\375\304\344
\065\341\035\026\034\320\274\053\216\326\161\331
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "AddTrust Low-Value Services Root"
# Issuer: CN=AddTrust Class 1 CA Root,OU=AddTrust TTP Network,O=AddTrust AB,C=SE
# Serial Number: 1 (0x1)
# Subject: CN=AddTrust Class 1 CA Root,OU=AddTrust TTP Network,O=AddTrust AB,C=SE
# Not Valid Before: Tue May 30 10:38:31 2000
# Not Valid After : Sat May 30 10:38:31 2020
# Fingerprint (MD5): 1E:42:95:02:33:92:6B:B9:5F:C0:7F:DA:D6:B2:4B:FC
@@ -1504,16 +1512,17 @@
\335\217\212\303\366\366\214\032\102\005\121\324\105\365\237\247
\142\041\150\025\040\103\074\231\347\174\275\044\330\251\221\027
\163\210\077\126\033\061\070\030\264\161\017\232\315\310\016\236
\216\056\033\341\214\230\203\313\037\061\361\104\114\306\004\163
\111\166\140\017\307\370\275\027\200\153\056\351\314\114\016\132
\232\171\017\040\012\056\325\236\143\046\036\125\222\224\330\202
\027\132\173\320\274\307\217\116\206\004
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "AddTrust External Root"
# Issuer: CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE
# Serial Number: 1 (0x1)
# Subject: CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE
# Not Valid Before: Tue May 30 10:48:38 2000
# Not Valid After : Sat May 30 10:48:38 2020
# Fingerprint (MD5): 1D:35:54:04:85:78:B0:3F:42:42:4D:BF:20:73:0A:3F
@@ -1649,16 +1658,17 @@
\330\032\214\307\355\234\116\232\340\022\273\265\152\114\204\341
\341\042\015\207\000\144\376\214\175\142\071\145\246\357\102\266
\200\045\022\141\001\250\044\023\160\000\021\046\137\372\065\120
\305\110\314\006\107\350\047\330\160\215\137\144\346\241\104\046
\136\042\354\222\315\377\102\232\104\041\155\134\305\343\042\035
\137\107\022\347\316\137\135\372\330\252\261\063\055\331\166\362
\116\072\063\014\053\263\055\220\006
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "AddTrust Public Services Root"
# Issuer: CN=AddTrust Public CA Root,OU=AddTrust TTP Network,O=AddTrust AB,C=SE
# Serial Number: 1 (0x1)
# Subject: CN=AddTrust Public CA Root,OU=AddTrust TTP Network,O=AddTrust AB,C=SE
# Not Valid Before: Tue May 30 10:41:50 2000
# Not Valid After : Sat May 30 10:41:50 2020
# Fingerprint (MD5): C1:62:3E:23:C5:82:73:9C:03:59:4B:2B:E9:77:49:7F
@@ -1794,16 +1804,17 @@
\077\240\261\007\326\351\117\334\336\105\161\060\062\177\033\056
\011\371\277\122\241\356\302\200\076\006\134\056\125\100\301\033
\365\160\105\260\334\135\372\366\162\132\167\322\143\315\317\130
\211\000\102\143\077\171\071\320\104\260\202\156\101\031\350\335
\340\301\210\132\321\036\161\223\037\044\060\164\345\036\250\336
\074\047\067\177\203\256\236\167\317\360\060\261\377\113\231\350
\306\241
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "AddTrust Qualified Certificates Root"
# Issuer: CN=AddTrust Qualified CA Root,OU=AddTrust TTP Network,O=AddTrust AB,C=SE
# Serial Number: 1 (0x1)
# Subject: CN=AddTrust Qualified CA Root,OU=AddTrust TTP Network,O=AddTrust AB,C=SE
# Not Valid Before: Tue May 30 10:44:50 2000
# Not Valid After : Sat May 30 10:44:50 2020
# Fingerprint (MD5): 27:EC:39:47:CD:DA:5A:AF:E2:9A:01:65:21:A9:4C:BB
@@ -1956,16 +1967,17 @@
\175\352\261\355\060\045\301\204\332\064\322\133\170\203\126\354
\234\066\303\046\342\021\366\147\111\035\222\253\214\373\353\377
\172\356\205\112\247\120\200\360\247\134\112\224\056\137\005\231
\074\122\101\340\315\264\143\317\001\103\272\234\203\334\217\140
\073\363\132\264\264\173\256\332\013\220\070\165\357\201\035\146
\322\367\127\160\066\263\277\374\050\257\161\045\205\133\023\376
\036\177\132\264\074
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Entrust Root Certification Authority"
# Issuer: CN=Entrust Root Certification Authority,OU="(c) 2006 Entrust, Inc.",OU=www.entrust.net/CPS is incorporated by reference,O="Entrust, Inc.",C=US
# Serial Number: 1164660820 (0x456b5054)
# Subject: CN=Entrust Root Certification Authority,OU="(c) 2006 Entrust, Inc.",OU=www.entrust.net/CPS is incorporated by reference,O="Entrust, Inc.",C=US
# Not Valid Before: Mon Nov 27 20:23:42 2006
# Not Valid After : Fri Nov 27 20:53:42 2026
# Fingerprint (MD5): D6:A5:C3:ED:5D:DD:3E:00:C1:3D:87:92:1F:1D:3F:E4
@@ -2089,16 +2101,17 @@
\270\234\344\035\266\253\346\224\245\301\307\203\255\333\365\047
\207\016\004\154\325\377\335\240\135\355\207\122\267\053\025\002
\256\071\246\152\164\351\332\304\347\274\115\064\036\251\134\115
\063\137\222\011\057\210\146\135\167\227\307\035\166\023\251\325
\345\361\026\011\021\065\325\254\333\044\161\160\054\230\126\013
\331\027\264\321\343\121\053\136\165\350\325\320\334\117\064\355
\302\005\146\200\241\313\346\063
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "GeoTrust Global CA"
# Issuer: CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US
# Serial Number: 144470 (0x23456)
# Subject: CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US
# Not Valid Before: Tue May 21 04:00:00 2002
# Not Valid After : Sat May 21 04:00:00 2022
# Fingerprint (MD5): F7:75:AB:29:FB:51:4E:B7:77:5E:FF:05:3C:99:8E:F5
@@ -2216,16 +2229,17 @@
\151\266\362\377\341\032\320\014\321\166\205\313\212\045\275\227
\136\054\157\025\231\046\347\266\051\377\042\354\311\002\307\126
\000\315\111\271\263\154\173\123\004\032\342\250\311\252\022\005
\043\302\316\347\273\004\002\314\300\107\242\344\304\051\057\133
\105\127\211\121\356\074\353\122\010\377\007\065\036\237\065\152
\107\112\126\230\321\132\205\037\214\365\042\277\253\316\203\363
\342\042\051\256\175\203\100\250\272\154
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "GeoTrust Global CA 2"
# Issuer: CN=GeoTrust Global CA 2,O=GeoTrust Inc.,C=US
# Serial Number: 1 (0x1)
# Subject: CN=GeoTrust Global CA 2,O=GeoTrust Inc.,C=US
# Not Valid Before: Thu Mar 04 05:00:00 2004
# Not Valid After : Mon Mar 04 05:00:00 2019
# Fingerprint (MD5): 0E:40:A7:6C:DE:03:5D:8F:D1:0F:E4:D1:8D:F9:6C:A9
@@ -2375,16 +2389,17 @@
\121\173\327\251\234\006\241\066\335\325\211\224\274\331\344\055
\014\136\011\154\010\227\174\243\075\174\223\377\077\241\024\247
\317\265\135\353\333\333\034\304\166\337\210\271\275\105\005\225
\033\256\374\106\152\114\257\110\343\316\256\017\322\176\353\346
\154\234\117\201\152\172\144\254\273\076\325\347\313\166\056\305
\247\110\301\134\220\017\313\310\077\372\346\062\341\215\033\157
\244\346\216\330\371\051\110\212\316\163\376\054
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "GeoTrust Universal CA"
# Issuer: CN=GeoTrust Universal CA,O=GeoTrust Inc.,C=US
# Serial Number: 1 (0x1)
# Subject: CN=GeoTrust Universal CA,O=GeoTrust Inc.,C=US
# Not Valid Before: Thu Mar 04 05:00:00 2004
# Not Valid After : Sun Mar 04 05:00:00 2029
# Fingerprint (MD5): 92:65:58:8B:A2:1A:31:72:73:68:5C:B4:A5:7A:07:48
@@ -2534,16 +2549,17 @@
\227\124\167\332\075\022\267\340\036\357\010\006\254\371\205\207
\351\242\334\257\176\030\022\203\375\126\027\101\056\325\051\202
\175\231\364\061\366\161\251\317\054\001\047\245\005\271\252\262
\110\116\052\357\237\223\122\121\225\074\122\163\216\126\114\027
\100\300\011\050\344\213\152\110\123\333\354\315\125\125\361\306
\370\351\242\054\114\246\321\046\137\176\257\132\114\332\037\246
\362\034\054\176\256\002\026\322\126\320\057\127\123\107\350\222
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "GeoTrust Universal CA 2"
# Issuer: CN=GeoTrust Universal CA 2,O=GeoTrust Inc.,C=US
# Serial Number: 1 (0x1)
# Subject: CN=GeoTrust Universal CA 2,O=GeoTrust Inc.,C=US
# Not Valid Before: Thu Mar 04 05:00:00 2004
# Not Valid After : Sun Mar 04 05:00:00 2029
# Fingerprint (MD5): 34:FC:B8:D0:36:DB:9E:14:B3:C2:F2:DB:8F:E4:94:C7
@@ -2670,16 +2686,17 @@
\022\074\154\151\227\333\256\137\071\232\160\057\005\074\031\106
\004\231\040\066\320\140\156\141\006\273\026\102\214\160\367\060
\373\340\333\146\243\000\001\275\346\054\332\221\137\240\106\213
\115\152\234\075\075\335\005\106\376\166\277\240\012\074\344\000
\346\047\267\377\204\055\336\272\042\047\226\020\161\353\042\355
\337\337\063\234\317\343\255\256\216\324\216\346\117\121\257\026
\222\340\134\366\007\017
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Visa eCommerce Root"
# Issuer: CN=Visa eCommerce Root,OU=Visa International Service Association,O=VISA,C=US
# Serial Number:13:86:35:4d:1d:3f:06:f2:c1:f9:65:05:d5:90:1c:62
# Subject: CN=Visa eCommerce Root,OU=Visa International Service Association,O=VISA,C=US
# Not Valid Before: Wed Jun 26 02:18:36 2002
# Not Valid After : Fri Jun 24 00:16:12 2022
# Fingerprint (MD5): FC:11:B8:D8:08:93:30:00:6D:23:F9:7E:EB:52:1E:02
@@ -2792,16 +2809,17 @@
\012\072\223\023\233\073\024\043\023\143\234\077\321\207\047\171
\345\114\121\343\001\255\205\135\032\073\261\325\163\020\244\323
\362\274\156\144\365\132\126\220\250\307\016\114\164\017\056\161
\073\367\310\107\364\151\157\025\362\021\136\203\036\234\174\122
\256\375\002\332\022\250\131\147\030\333\274\160\335\233\261\151
\355\200\316\211\100\110\152\016\065\312\051\146\025\041\224\054
\350\140\052\233\205\112\100\363\153\212\044\354\006\026\054\163
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Certum Root CA"
# Issuer: CN=Certum CA,O=Unizeto Sp. z o.o.,C=PL
# Serial Number: 65568 (0x10020)
# Subject: CN=Certum CA,O=Unizeto Sp. z o.o.,C=PL
# Not Valid Before: Tue Jun 11 10:46:39 2002
# Not Valid After : Fri Jun 11 10:46:39 2027
# Fingerprint (MD5): 2C:8F:9F:66:1D:18:90:B1:47:26:9D:8E:86:82:8C:A9
@@ -2937,16 +2955,17 @@
\154\354\351\041\163\354\233\003\241\340\067\255\240\025\030\217
\372\272\002\316\247\054\251\020\023\054\324\345\010\046\253\042
\227\140\370\220\136\164\324\242\232\123\275\362\251\150\340\242
\156\302\327\154\261\243\017\236\277\353\150\347\126\362\256\362
\343\053\070\072\011\201\265\153\205\327\276\055\355\077\032\267
\262\143\342\365\142\054\202\324\152\000\101\120\361\071\203\237
\225\351\066\226\230\156
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Comodo AAA Services root"
# Issuer: CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB
# Serial Number: 1 (0x1)
# Subject: CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB
# Not Valid Before: Thu Jan 01 00:00:00 2004
# Not Valid After : Sun Dec 31 23:59:59 2028
# Fingerprint (MD5): 49:79:04:B0:EB:87:19:AC:47:B0:BC:11:51:9B:74:D0
@@ -3087,16 +3106,17 @@
\223\367\252\023\313\322\023\342\267\056\073\315\153\120\027\011
\150\076\265\046\127\356\266\340\266\335\271\051\200\171\175\217
\243\360\244\050\244\025\304\205\364\047\324\153\277\345\134\344
\145\002\166\124\264\343\067\146\044\323\031\141\310\122\020\345
\213\067\232\271\251\371\035\277\352\231\222\141\226\377\001\315
\241\137\015\274\161\274\016\254\013\035\107\105\035\301\354\174
\354\375\051
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Comodo Secure Services root"
# Issuer: CN=Secure Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB
# Serial Number: 1 (0x1)
# Subject: CN=Secure Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB
# Not Valid Before: Thu Jan 01 00:00:00 2004
# Not Valid After : Sun Dec 31 23:59:59 2028
# Fingerprint (MD5): D3:D9:BD:AE:9F:AC:67:24:B3:C8:1B:52:E1:B9:A9:BD
@@ -3239,16 +3259,17 @@
\201\170\057\050\300\176\323\314\102\012\365\256\120\240\321\076
\306\241\161\354\077\240\040\214\146\072\211\264\216\324\330\261
\115\045\107\356\057\210\310\265\341\005\105\300\276\024\161\336
\172\375\216\173\175\115\010\226\245\022\163\360\055\312\067\047
\164\022\047\114\313\266\227\351\331\256\010\155\132\071\100\335
\005\107\165\152\132\041\263\243\030\317\116\367\056\127\267\230
\160\136\310\304\170\260\142
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Comodo Trusted Services root"
# Issuer: CN=Trusted Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB
# Serial Number: 1 (0x1)
# Subject: CN=Trusted Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB
# Not Valid Before: Thu Jan 01 00:00:00 2004
# Not Valid After : Sun Dec 31 23:59:59 2028
# Fingerprint (MD5): 91:1B:3F:6E:CD:9E:AB:EE:07:FE:1F:71:D2:B3:61:27
@@ -3417,16 +3438,17 @@
\231\003\072\212\314\124\045\071\061\201\173\023\042\121\272\106
\154\241\273\236\372\004\154\111\046\164\217\322\163\353\314\060
\242\346\352\131\042\207\370\227\365\016\375\352\314\222\244\026
\304\122\030\352\041\316\261\361\346\204\201\345\272\251\206\050
\362\103\132\135\022\235\254\036\331\250\345\012\152\247\177\240
\207\051\317\362\211\115\324\354\305\342\346\172\320\066\043\212
\112\164\066\371
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "QuoVadis Root CA"
# Issuer: CN=QuoVadis Root Certification Authority,OU=Root Certification Authority,O=QuoVadis Limited,C=BM
# Serial Number: 985026699 (0x3ab6508b)
# Subject: CN=QuoVadis Root Certification Authority,OU=Root Certification Authority,O=QuoVadis Limited,C=BM
# Not Valid Before: Mon Mar 19 18:33:33 2001
# Not Valid After : Wed Mar 17 18:33:33 2021
# Fingerprint (MD5): 27:DE:36:FE:72:B7:00:03:00:9D:F4:F0:1E:6C:04:24
@@ -3585,16 +3607,17 @@
\226\136\234\307\357\047\142\010\342\221\031\134\322\361\041\335
\272\027\102\202\227\161\201\123\061\251\237\366\175\142\277\162
\341\243\223\035\314\212\046\132\011\070\320\316\327\015\200\026
\264\170\245\072\207\114\215\212\245\325\106\227\362\054\020\271
\274\124\042\300\001\120\151\103\236\364\262\357\155\370\354\332
\361\343\261\357\337\221\217\124\052\013\045\301\046\031\304\122
\020\005\145\325\202\020\352\302\061\315\056
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "QuoVadis Root CA 2"
# Issuer: CN=QuoVadis Root CA 2,O=QuoVadis Limited,C=BM
# Serial Number: 1289 (0x509)
# Subject: CN=QuoVadis Root CA 2,O=QuoVadis Limited,C=BM
# Not Valid Before: Fri Nov 24 18:27:00 2006
# Not Valid After : Mon Nov 24 18:23:33 2031
# Fingerprint (MD5): 5E:39:7B:DD:F8:BA:EC:82:E9:AC:62:BA:0C:54:00:2B
@@ -3764,16 +3787,17 @@
\340\164\053\262\353\175\276\101\033\265\300\106\305\241\042\313
\137\116\301\050\222\336\030\272\325\052\050\273\021\213\027\223
\230\231\140\224\134\043\317\132\047\227\136\013\005\006\223\067
\036\073\151\066\353\251\236\141\035\217\062\332\216\014\326\164
\076\173\011\044\332\001\167\107\304\073\315\064\214\231\365\312
\341\045\141\063\262\131\033\342\156\327\067\127\266\015\251\022
\332
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "QuoVadis Root CA 3"
# Issuer: CN=QuoVadis Root CA 3,O=QuoVadis Limited,C=BM
# Serial Number: 1478 (0x5c6)
# Subject: CN=QuoVadis Root CA 3,O=QuoVadis Limited,C=BM
# Not Valid Before: Fri Nov 24 19:11:23 2006
# Not Valid After : Mon Nov 24 19:06:44 2031
# Fingerprint (MD5): 31:85:3C:62:94:97:63:B9:AA:FD:89:4E:AF:6F:E0:CF
@@ -3892,16 +3916,17 @@
\161\245\062\252\057\306\211\166\103\100\023\023\147\075\242\124
\045\020\313\361\072\362\331\372\333\111\126\273\246\376\247\101
\065\303\340\210\141\311\210\307\337\066\020\042\230\131\352\260
\112\373\126\026\163\156\254\115\367\042\241\117\255\035\172\055
\105\047\345\060\301\136\362\332\023\313\045\102\121\225\107\003
\214\154\041\314\164\102\355\123\377\063\213\217\017\127\001\026
\057\317\246\356\311\160\042\024\275\375\276\154\013\003
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Security Communication Root CA"
# Issuer: OU=Security Communication RootCA1,O=SECOM Trust.net,C=JP
# Serial Number: 0 (0x0)
# Subject: OU=Security Communication RootCA1,O=SECOM Trust.net,C=JP
# Not Valid Before: Tue Sep 30 04:20:49 2003
# Not Valid After : Sat Sep 30 04:20:49 2023
# Fingerprint (MD5): F1:BC:63:6A:54:E0:B5:27:F5:CD:E7:1A:E3:4D:6E:4A
@@ -4014,16 +4039,17 @@
\066\276\246\133\015\152\154\232\037\221\173\371\371\357\102\272
\116\116\236\314\014\215\224\334\331\105\234\136\354\102\120\143
\256\364\135\304\261\022\334\312\073\250\056\235\024\132\005\165
\267\354\327\143\342\272\065\266\004\010\221\350\332\235\234\366
\146\265\030\254\012\246\124\046\064\063\322\033\301\324\177\032
\072\216\013\252\062\156\333\374\117\045\237\331\062\307\226\132
\160\254\337\114
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Sonera Class 2 Root CA"
# Issuer: CN=Sonera Class2 CA,O=Sonera,C=FI
# Serial Number: 29 (0x1d)
# Subject: CN=Sonera Class2 CA,O=Sonera,C=FI
# Not Valid Before: Fri Apr 06 07:29:40 2001
# Not Valid After : Tue Apr 06 07:29:40 2021
# Fingerprint (MD5): A3:EC:75:0F:2E:88:DF:FA:48:01:4E:0B:5C:48:6F:FB
@@ -4175,16 +4201,17 @@
\211\272\061\035\305\020\150\122\236\337\242\205\305\134\010\246
\170\346\123\117\261\350\267\323\024\236\223\246\303\144\343\254
\176\161\315\274\237\351\003\033\314\373\351\254\061\301\257\174
\025\164\002\231\303\262\107\246\302\062\141\327\307\157\110\044
\121\047\241\325\207\125\362\173\217\230\075\026\236\356\165\266
\370\320\216\362\363\306\256\050\133\247\360\363\066\027\374\303
\005\323\312\003\112\124
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "UTN USERFirst Email Root CA"
# Issuer: CN=UTN-USERFirst-Client Authentication and Email,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
# Serial Number:44:be:0c:8b:50:00:24:b4:11:d3:36:25:25:67:c9:89
# Subject: CN=UTN-USERFirst-Client Authentication and Email,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
# Not Valid Before: Fri Jul 09 17:28:50 1999
# Not Valid After : Tue Jul 09 17:36:58 2019
# Fingerprint (MD5): D7:34:3D:EF:1D:27:09:28:E1:31:02:5B:13:2B:DD:F7
@@ -4338,16 +4365,17 @@
\370\323\157\133\036\226\343\340\164\167\164\173\212\242\156\055
\335\166\326\071\060\202\360\253\234\122\362\052\307\257\111\136
\176\307\150\345\202\201\310\152\047\371\047\210\052\325\130\120
\225\037\360\073\034\127\273\175\024\071\142\053\232\311\224\222
\052\243\042\014\377\211\046\175\137\043\053\107\327\025\035\251
\152\236\121\015\052\121\236\201\371\324\073\136\160\022\177\020
\062\234\036\273\235\370\146\250
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "UTN USERFirst Hardware Root CA"
# Issuer: CN=UTN-USERFirst-Hardware,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
# Serial Number:44:be:0c:8b:50:00:24:b4:11:d3:36:2a:fe:65:0a:fd
# Subject: CN=UTN-USERFirst-Hardware,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
# Not Valid Before: Fri Jul 09 18:10:42 1999
# Not Valid After : Tue Jul 09 18:19:22 2019
# Fingerprint (MD5): 4C:56:41:E5:0D:BB:2B:E8:CA:A3:ED:18:08:AD:43:39
@@ -4498,16 +4526,17 @@
\261\104\252\152\317\027\172\317\157\017\324\370\044\125\137\360
\064\026\111\146\076\120\106\311\143\161\070\061\142\270\142\271
\363\123\255\154\265\053\242\022\252\031\117\011\332\136\347\223
\306\216\024\010\376\360\060\200\030\240\206\205\115\310\175\327
\213\003\376\156\325\367\235\026\254\222\054\240\043\345\234\221
\122\037\224\337\027\224\163\303\263\301\301\161\005\040\000\170
\275\023\122\035\250\076\315\000\037\310
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "UTN USERFirst Object Root CA"
# Issuer: CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
# Serial Number:44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
# Subject: CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
# Not Valid Before: Fri Jul 09 18:31:20 1999
# Not Valid After : Tue Jul 09 18:40:36 2019
# Fingerprint (MD5): A7:F2:E4:16:06:41:11:50:30:6B:9C:E3:B4:9C:B0:C9
@@ -4661,16 +4690,17 @@
\210\351\007\106\101\316\357\101\201\256\130\337\203\242\256\312
\327\167\037\347\000\074\235\157\216\344\062\011\035\115\170\064
\170\064\074\224\233\046\355\117\161\306\031\172\275\040\042\110
\132\376\113\175\003\267\347\130\276\306\062\116\164\036\150\335
\250\150\133\263\076\356\142\175\331\200\350\012\165\172\267\356
\264\145\232\041\220\340\252\320\230\274\070\265\163\074\213\370
\334
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Camerfirma Chambers of Commerce Root"
# Issuer: CN=Chambers of Commerce Root,OU=http://www.chambersign.org,O=AC Camerfirma SA CIF A82743287,C=EU
# Serial Number: 0 (0x0)
# Subject: CN=Chambers of Commerce Root,OU=http://www.chambersign.org,O=AC Camerfirma SA CIF A82743287,C=EU
# Not Valid Before: Tue Sep 30 16:13:43 2003
# Not Valid After : Wed Sep 30 16:13:44 2037
# Fingerprint (MD5): B0:01:EE:14:D9:AF:29:18:94:76:8E:F1:69:33:2A:84
@@ -4820,16 +4850,17 @@
\222\025\323\137\076\306\000\111\072\156\130\262\321\321\047\015
\045\310\062\370\040\021\315\175\062\063\110\224\124\114\335\334
\171\304\060\237\353\216\270\125\265\327\210\134\305\152\044\075
\262\323\005\003\121\306\007\357\314\024\162\164\075\156\162\316
\030\050\214\112\240\167\345\011\053\105\104\107\254\267\147\177
\001\212\005\132\223\276\241\301\377\370\347\016\147\244\107\111
\166\135\165\220\032\365\046\217\360
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Camerfirma Global Chambersign Root"
# Issuer: CN=Global Chambersign Root,OU=http://www.chambersign.org,O=AC Camerfirma SA CIF A82743287,C=EU
# Serial Number: 0 (0x0)
# Subject: CN=Global Chambersign Root,OU=http://www.chambersign.org,O=AC Camerfirma SA CIF A82743287,C=EU
# Not Valid Before: Tue Sep 30 16:14:18 2003
# Not Valid After : Wed Sep 30 16:14:18 2037
# Fingerprint (MD5): C5:E6:7B:BF:06:D0:4F:43:ED:C4:7A:65:8A:FB:6B:19
@@ -4972,16 +5003,17 @@
\212\144\101\061\270\016\154\220\044\244\233\134\161\217\272\273
\176\034\033\333\152\200\017\041\274\351\333\246\267\100\364\262
\213\251\261\344\357\232\032\320\075\151\231\356\250\050\243\341
\074\263\360\262\021\234\317\174\100\346\335\347\103\175\242\330
\072\265\251\215\362\064\231\304\324\020\341\006\375\011\204\020
\073\356\304\114\364\354\047\174\102\302\164\174\202\212\011\311
\264\003\045\274
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "XRamp Global CA Root"
# Issuer: CN=XRamp Global Certification Authority,O=XRamp Security Services Inc,OU=www.xrampsecurity.com,C=US
# Serial Number:50:94:6c:ec:18:ea:d5:9c:4d:d5:97:ef:75:8f:a0:ad
# Subject: CN=XRamp Global Certification Authority,O=XRamp Security Services Inc,OU=www.xrampsecurity.com,C=US
# Not Valid Before: Mon Nov 01 17:14:04 2004
# Not Valid After : Mon Jan 01 05:37:19 2035
# Fingerprint (MD5): A1:0B:44:B3:CA:10:D8:00:6E:9D:0F:D8:0F:92:0A:D1
@@ -5118,16 +5150,17 @@
\216\222\204\162\071\353\040\352\203\355\203\315\227\156\010\274
\353\116\046\266\163\053\344\323\366\114\376\046\161\342\141\021
\164\112\377\127\032\207\017\165\110\056\317\121\151\027\240\002
\022\141\225\325\321\100\262\020\114\356\304\254\020\103\246\245
\236\012\325\225\142\232\015\317\210\202\305\062\014\344\053\237
\105\346\015\237\050\234\261\271\052\132\127\255\067\017\257\035
\177\333\275\237
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Go Daddy Class 2 CA"
# Issuer: OU=Go Daddy Class 2 Certification Authority,O="The Go Daddy Group, Inc.",C=US
# Serial Number: 0 (0x0)
# Subject: OU=Go Daddy Class 2 Certification Authority,O="The Go Daddy Group, Inc.",C=US
# Not Valid Before: Tue Jun 29 17:06:20 2004
# Not Valid After : Thu Jun 29 17:06:20 2034
# Fingerprint (MD5): 91:DE:06:25:AB:DA:FD:32:17:0C:BB:25:17:2A:84:67
@@ -5262,16 +5295,17 @@
\055\225\276\365\161\220\103\314\215\037\232\000\012\207\051\351
\125\042\130\000\043\352\343\022\103\051\133\107\010\335\214\101
\152\145\006\250\345\041\252\101\264\225\041\225\271\175\321\064
\253\023\326\255\274\334\342\075\071\315\275\076\165\160\241\030
\131\003\311\042\264\217\234\325\136\052\327\245\266\324\012\155
\370\267\100\021\106\232\037\171\016\142\277\017\227\354\340\057
\037\027\224
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Starfield Class 2 CA"
# Issuer: OU=Starfield Class 2 Certification Authority,O="Starfield Technologies, Inc.",C=US
# Serial Number: 0 (0x0)
# Subject: OU=Starfield Class 2 Certification Authority,O="Starfield Technologies, Inc.",C=US
# Not Valid Before: Tue Jun 29 17:39:16 2004
# Not Valid After : Thu Jun 29 17:39:16 2034
# Fingerprint (MD5): 32:4A:4B:BB:C8:63:69:9B:BE:74:9A:C6:DD:1D:46:24
@@ -5467,16 +5501,17 @@
\115\340\167\055\341\145\231\162\151\004\032\107\011\346\017\001
\126\044\373\037\277\016\171\251\130\056\271\304\011\001\176\225
\272\155\000\006\076\262\352\112\020\071\330\320\053\365\277\354
\165\277\227\002\305\011\033\010\334\125\067\342\201\373\067\204
\103\142\040\312\347\126\113\145\352\376\154\301\044\223\044\241
\064\353\005\377\232\042\256\233\175\077\361\145\121\012\246\060
\152\263\364\210\034\200\015\374\162\212\350\203\136
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "StartCom Certification Authority"
# Issuer: CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL
# Serial Number: 1 (0x1)
# Subject: CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL
# Not Valid Before: Sun Sep 17 19:46:36 2006
# Not Valid After : Wed Sep 17 19:46:36 2036
# Fingerprint (MD5): 22:4D:8F:8A:FC:F7:35:C2:BB:57:34:90:7B:8B:22:16
@@ -5631,16 +5666,17 @@
\262\304\060\231\043\116\135\362\110\241\022\014\334\022\220\011
\220\124\221\003\074\107\345\325\311\145\340\267\113\175\354\107
\323\263\013\076\255\236\320\164\000\016\353\275\121\255\300\336
\054\300\303\152\376\357\334\013\247\372\106\337\140\333\234\246
\131\120\165\043\151\163\223\262\371\374\002\323\107\346\161\316
\020\002\356\047\214\204\377\254\105\015\023\134\203\062\340\045
\245\206\054\174\364\022
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Taiwan GRCA"
# Issuer: O=Government Root Certification Authority,C=TW
# Serial Number:1f:9d:59:5a:d7:2f:c2:06:44:a5:80:08:69:e3:5e:f6
# Subject: O=Government Root Certification Authority,C=TW
# Not Valid Before: Thu Dec 05 13:23:33 2002
# Not Valid After : Sun Dec 05 13:23:33 2032
# Fingerprint (MD5): 37:85:44:53:32:45:1F:20:F0:F3:95:E1:25:C4:43:4E
@@ -5803,16 +5839,17 @@
\204\126\141\276\161\027\376\035\023\017\376\306\207\105\351\376
\062\240\032\015\023\244\224\125\161\245\026\213\272\312\211\260
\262\307\374\217\330\124\265\223\142\235\316\317\131\373\075\030
\316\052\313\065\025\202\135\377\124\042\133\161\122\373\267\311
\376\140\233\000\101\144\360\252\052\354\266\102\103\316\211\146
\201\310\213\237\071\124\003\045\323\026\065\216\204\320\137\372
\060\032\365\232\154\364\016\123\371\072\133\321\034
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Swisscom Root CA 1"
# Issuer: CN=Swisscom Root CA 1,OU=Digital Certificate Services,O=Swisscom,C=ch
# Serial Number:5c:0b:85:5c:0b:e7:59:41:df:57:cc:3f:7f:9d:a8:36
# Subject: CN=Swisscom Root CA 1,OU=Digital Certificate Services,O=Swisscom,C=ch
# Not Valid Before: Thu Aug 18 12:06:20 2005
# Not Valid After : Mon Aug 18 22:06:20 2025
# Fingerprint (MD5): F8:38:7C:77:88:DF:2C:16:68:2E:C2:E2:52:4B:B8:F9
@@ -5943,16 +5980,17 @@
\102\267\372\214\036\335\142\361\276\120\147\267\154\275\363\361
\037\153\014\066\007\026\177\067\174\251\133\155\172\361\022\106
\140\203\327\047\004\276\113\316\227\276\303\147\052\150\021\337
\200\347\014\063\146\277\023\015\024\156\363\177\037\143\020\036
\372\215\033\045\155\154\217\245\267\141\001\261\322\243\046\241
\020\161\235\255\342\303\371\303\231\121\267\053\007\010\316\056
\346\120\262\247\372\012\105\057\242\360\362
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "DigiCert Assured ID Root CA"
# Issuer: CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
# Serial Number:0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
# Subject: CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
# Not Valid Before: Fri Nov 10 00:00:00 2006
# Not Valid After : Mon Nov 10 00:00:00 2031
# Fingerprint (MD5): 87:CE:0B:7B:2A:0E:49:00:E1:58:71:9B:37:A8:93:72
@@ -6083,16 +6121,17 @@
\076\052\271\066\123\317\072\120\006\367\056\350\304\127\111\154
\141\041\030\325\004\255\170\074\054\072\200\153\247\353\257\025
\024\351\330\211\301\271\070\154\342\221\154\212\377\144\271\167
\045\127\060\300\033\044\243\341\334\351\337\107\174\265\264\044
\010\005\060\354\055\275\013\277\105\277\120\271\251\363\353\230
\001\022\255\310\210\306\230\064\137\215\012\074\306\351\325\225
\225\155\336
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "DigiCert Global Root CA"
# Issuer: CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
# Serial Number:08:3b:e0:56:90:42:46:b1:a1:75:6a:c9:59:91:c7:4a
# Subject: CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
# Not Valid Before: Fri Nov 10 00:00:00 2006
# Not Valid After : Mon Nov 10 00:00:00 2031
# Fingerprint (MD5): 79:E4:A9:84:0D:7D:3A:96:D7:C0:4F:E2:43:4C:89:2E
@@ -6224,16 +6263,17 @@
\143\070\275\104\244\177\344\046\053\012\304\227\151\015\351\214
\342\300\020\127\270\310\166\022\221\125\362\110\151\330\274\052
\002\133\017\104\324\040\061\333\364\272\160\046\135\220\140\236
\274\113\027\011\057\264\313\036\103\150\311\007\047\301\322\134
\367\352\041\271\150\022\234\074\234\277\236\374\200\134\233\143
\315\354\107\252\045\047\147\240\067\363\000\202\175\124\327\251
\370\351\056\023\243\167\350\037\112
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "DigiCert High Assurance EV Root CA"
# Issuer: CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
# Serial Number:02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
# Subject: CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
# Not Valid Before: Fri Nov 10 00:00:00 2006
# Not Valid After : Mon Nov 10 00:00:00 2031
# Fingerprint (MD5): D4:74:DE:57:5C:39:B2:D3:9C:85:83:C5:C0:65:49:8A
@@ -6356,16 +6396,17 @@
\311\273\211\176\156\200\210\036\057\024\264\003\044\250\062\157
\003\232\107\054\060\276\126\306\247\102\002\160\033\352\100\330
\272\005\003\160\007\244\226\377\375\110\063\012\341\334\245\201
\220\233\115\335\175\347\347\262\315\134\310\152\225\370\245\366
\215\304\135\170\010\276\173\006\326\111\317\031\066\120\043\056
\010\346\236\005\115\107\030\325\026\351\261\326\266\020\325\273
\227\277\242\216\264\124
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Certplus Class 2 Primary CA"
# Issuer: CN=Class 2 Primary CA,O=Certplus,C=FR
# Serial Number:00:85:bd:4b:f3:d8:da:e3:69:f6:94:d7:5f:c3:a5:44:23
# Subject: CN=Class 2 Primary CA,O=Certplus,C=FR
# Not Valid Before: Wed Jul 07 17:05:00 1999
# Not Valid After : Sat Jul 06 23:59:59 2019
# Fingerprint (MD5): 88:2C:8C:52:B8:A2:3C:F3:F7:BB:03:EA:AE:AC:42:0B
@@ -6482,16 +6523,17 @@
\162\062\207\306\360\104\273\123\162\155\103\365\046\110\232\122
\147\267\130\253\376\147\166\161\170\333\015\242\126\024\023\071
\044\061\205\242\250\002\132\060\107\341\335\120\007\274\002\011
\220\000\353\144\143\140\233\026\274\210\311\022\346\322\175\221
\213\371\075\062\215\145\264\351\174\261\127\166\352\305\266\050
\071\277\025\145\034\310\366\167\226\152\012\215\167\013\330\221
\013\004\216\007\333\051\266\012\356\235\202\065\065\020
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "DST Root CA X3"
# Issuer: CN=DST Root CA X3,O=Digital Signature Trust Co.
# Serial Number:44:af:b0:80:d6:a3:27:ba:89:30:39:86:2e:f8:40:6b
# Subject: CN=DST Root CA X3,O=Digital Signature Trust Co.
# Not Valid Before: Sat Sep 30 21:12:19 2000
# Not Valid After : Thu Sep 30 14:01:15 2021
# Fingerprint (MD5): 41:03:52:DC:0F:F7:50:1B:16:F0:02:8E:BA:6F:45:C5
@@ -6623,16 +6665,17 @@
\343\062\213\372\340\301\206\115\162\074\056\330\223\170\012\052
\370\330\322\047\075\031\211\137\132\173\212\073\314\014\332\121
\256\307\013\367\053\260\067\005\354\274\127\043\342\070\322\233
\150\363\126\022\210\117\102\174\270\061\304\265\333\344\310\041
\064\351\110\021\065\356\372\307\222\127\305\237\064\344\307\366
\367\016\013\114\234\150\170\173\161\061\307\353\036\340\147\101
\363\267\240\247\315\345\172\063\066\152\372\232\053
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "DST ACES CA X6"
# Issuer: CN=DST ACES CA X6,OU=DST ACES,O=Digital Signature Trust,C=US
# Serial Number:0d:5e:99:0a:d6:9d:b7:78:ec:d8:07:56:3b:86:15:d9
# Subject: CN=DST ACES CA X6,OU=DST ACES,O=Digital Signature Trust,C=US
# Not Valid Before: Thu Nov 20 21:19:58 2003
# Not Valid After : Mon Nov 20 21:19:58 2017
# Fingerprint (MD5): 21:D8:4C:82:2B:99:09:33:A2:EB:14:24:8D:8E:5F:E8
@@ -6790,16 +6833,17 @@
\137\373\140\130\321\373\304\301\155\211\242\273\040\037\235\161
\221\313\062\233\023\075\076\175\222\122\065\254\222\224\242\323
\030\302\174\307\352\257\166\005\026\335\147\047\302\176\034\007
\042\041\363\100\012\033\064\007\104\023\302\204\152\216\337\031
\132\277\177\353\035\342\032\070\321\134\257\107\222\153\200\265
\060\245\311\215\330\253\061\201\037\337\302\146\067\323\223\251
\205\206\171\145\322
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "SwissSign Platinum CA - G2"
# Issuer: CN=SwissSign Platinum CA - G2,O=SwissSign AG,C=CH
# Serial Number:4e:b2:00:67:0c:03:5d:4f
# Subject: CN=SwissSign Platinum CA - G2,O=SwissSign AG,C=CH
# Not Valid Before: Wed Oct 25 08:36:00 2006
# Not Valid After : Sat Oct 25 08:36:00 2036
# Fingerprint (MD5): C9:98:27:77:28:1E:3D:0E:15:3C:84:00:B8:85:03:E6
@@ -6954,16 +6998,17 @@
\001\320\277\150\236\143\140\153\065\115\013\155\272\241\075\300
\223\340\177\043\263\125\255\162\045\116\106\371\322\026\357\260
\144\301\001\236\351\312\240\152\230\016\317\330\140\362\057\111
\270\344\102\341\070\065\026\364\310\156\117\367\201\126\350\272
\243\276\043\257\256\375\157\003\340\002\073\060\166\372\033\155
\101\317\001\261\351\270\311\146\364\333\046\363\072\244\164\362
\111\044\133\311\260\320\127\301\372\076\172\341\227\311
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "SwissSign Gold CA - G2"
# Issuer: CN=SwissSign Gold CA - G2,O=SwissSign AG,C=CH
# Serial Number:00:bb:40:1c:43:f5:5e:4f:b0
# Subject: CN=SwissSign Gold CA - G2,O=SwissSign AG,C=CH
# Not Valid Before: Wed Oct 25 08:30:35 2006
# Not Valid After : Sat Oct 25 08:30:35 2036
# Fingerprint (MD5): 24:77:D9:A8:91:D1:3B:FA:88:2D:C2:FF:F8:CD:33:93
@@ -7119,16 +7164,17 @@
\212\060\372\215\345\232\153\025\001\116\147\252\332\142\126\076
\204\010\146\322\304\066\175\247\076\020\374\210\340\324\200\345
\000\275\252\363\116\006\243\172\152\371\142\162\343\011\117\353
\233\016\001\043\361\237\273\174\334\334\154\021\227\045\262\362
\264\143\024\322\006\052\147\214\203\365\316\352\007\330\232\152
\036\354\344\012\273\052\114\353\011\140\071\316\312\142\330\056
\156
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "SwissSign Silver CA - G2"
# Issuer: CN=SwissSign Silver CA - G2,O=SwissSign AG,C=CH
# Serial Number:4f:1b:d4:2f:54:bb:2f:4b
# Subject: CN=SwissSign Silver CA - G2,O=SwissSign AG,C=CH
# Not Valid Before: Wed Oct 25 08:32:46 2006
# Not Valid After : Sat Oct 25 08:32:46 2036
# Fingerprint (MD5): E0:06:A1:C9:7D:CF:C9:FC:0D:C0:56:75:96:D8:62:13
@@ -7250,16 +7296,17 @@
\254\257\031\240\163\022\055\374\302\101\272\201\221\332\026\132
\061\267\371\264\161\200\022\110\231\162\163\132\131\123\301\143
\122\063\355\247\311\322\071\002\160\372\340\261\102\146\051\252
\233\121\355\060\124\042\024\137\331\253\035\301\344\224\360\370
\365\053\367\352\312\170\106\326\270\221\375\246\015\053\032\024
\001\076\200\360\102\240\225\007\136\155\315\314\113\244\105\215
\253\022\350\263\336\132\345\240\174\350\017\042\035\132\351\131
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "GeoTrust Primary Certification Authority"
# Issuer: CN=GeoTrust Primary Certification Authority,O=GeoTrust Inc.,C=US
# Serial Number:18:ac:b5:6a:fd:69:b6:15:3a:63:6c:af:da:fa:c4:a1
# Subject: CN=GeoTrust Primary Certification Authority,O=GeoTrust Inc.,C=US
# Not Valid Before: Mon Nov 27 00:00:00 2006
# Not Valid After : Wed Jul 16 23:59:59 2036
# Fingerprint (MD5): 02:26:C3:01:5E:08:30:37:43:A9:D0:7D:CF:37:E6:BF
@@ -7404,16 +7451,17 @@
\376\254\100\171\345\254\020\157\075\217\033\171\166\213\304\067
\263\041\030\204\345\066\000\353\143\040\231\271\351\376\063\004
\273\101\310\301\002\371\104\143\040\236\201\316\102\323\326\077
\054\166\323\143\234\131\335\217\246\341\016\240\056\101\367\056
\225\107\317\274\375\063\363\366\013\141\176\176\221\053\201\107
\302\047\060\356\247\020\135\067\217\134\071\053\344\004\360\173
\215\126\214\150
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "thawte Primary Root CA"
# Issuer: CN=thawte Primary Root CA,OU="(c) 2006 thawte, Inc. - For authorized use only",OU=Certification Services Division,O="thawte, Inc.",C=US
# Serial Number:34:4e:d5:57:20:d5:ed:ec:49:f4:2f:ce:37:db:2b:6d
# Subject: CN=thawte Primary Root CA,OU="(c) 2006 thawte, Inc. - For authorized use only",OU=Certification Services Division,O="thawte, Inc.",C=US
# Not Valid Before: Fri Nov 17 00:00:00 2006
# Not Valid After : Wed Jul 16 23:59:59 2036
# Fingerprint (MD5): 8C:CA:DC:0B:22:CE:F5:BE:72:AC:41:1A:11:A8:D8:12
@@ -7578,16 +7626,17 @@
\336\375\250\202\052\155\050\037\015\013\304\345\347\032\046\031
\341\364\021\157\020\265\225\374\347\102\005\062\333\316\235\121
\136\050\266\236\205\323\133\357\245\175\105\100\162\216\267\016
\153\016\006\373\063\065\110\161\270\235\047\213\304\145\137\015
\206\166\234\104\172\366\225\134\366\135\062\010\063\244\124\266
\030\077\150\134\362\102\112\205\070\124\203\137\321\350\054\362
\254\021\326\250\355\143\152
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "VeriSign Class 3 Public Primary Certification Authority - G5"
# Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU="(c) 2006 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
# Serial Number:18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
# Subject: CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU="(c) 2006 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
# Not Valid Before: Wed Nov 08 00:00:00 2006
# Not Valid After : Wed Jul 16 23:59:59 2036
# Fingerprint (MD5): CB:17:E4:31:67:3E:E2:09:FE:45:57:93:F3:0A:FA:1C
@@ -7720,16 +7769,17 @@
\144\122\066\137\140\147\331\234\305\005\164\013\347\147\043\322
\010\374\210\351\256\213\177\341\060\364\067\176\375\306\062\332
\055\236\104\060\060\154\356\007\336\322\064\374\322\377\100\366
\113\364\146\106\006\124\246\362\062\012\143\046\060\153\233\321
\334\213\107\272\341\271\325\142\320\242\240\364\147\005\170\051
\143\032\157\004\326\370\306\114\243\232\261\067\264\215\345\050
\113\035\236\054\302\270\150\274\355\002\356\061
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "SecureTrust CA"
# Issuer: CN=SecureTrust CA,O=SecureTrust Corporation,C=US
# Serial Number:0c:f0:8e:5c:08:16:a5:ad:42:7f:f0:eb:27:18:59:d0
# Subject: CN=SecureTrust CA,O=SecureTrust Corporation,C=US
# Not Valid Before: Tue Nov 07 19:31:18 2006
# Not Valid After : Mon Dec 31 19:40:55 2029
# Fingerprint (MD5): DC:32:C3:A7:6D:25:57:C7:68:09:9D:EA:2D:A9:A2:D1
@@ -7854,16 +7904,17 @@
\103\265\113\055\024\237\371\334\046\015\277\246\107\164\006\330
\210\321\072\051\060\204\316\322\071\200\142\033\250\307\127\111
\274\152\125\121\147\025\112\276\065\007\344\325\165\230\067\171
\060\024\333\051\235\154\305\151\314\107\125\242\060\367\314\134
\177\302\303\230\034\153\116\026\200\353\172\170\145\105\242\000
\032\257\014\015\125\144\064\110\270\222\271\361\264\120\051\362
\117\043\037\332\154\254\037\104\341\335\043\170\121\133\307\026
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Secure Global CA"
# Issuer: CN=Secure Global CA,O=SecureTrust Corporation,C=US
# Serial Number:07:56:22:a4:e8:d4:8a:89:4d:f4:13:c8:f0:f8:ea:a5
# Subject: CN=Secure Global CA,O=SecureTrust Corporation,C=US
# Not Valid Before: Tue Nov 07 19:42:28 2006
# Not Valid After : Mon Dec 31 19:52:06 2029
# Fingerprint (MD5): CF:F4:27:0D:D4:ED:DC:65:16:49:6D:3D:DA:BF:6E:DE
@@ -8003,16 +8054,17 @@
\314\225\122\223\360\160\045\131\234\040\147\304\356\371\213\127
\141\364\222\166\175\077\204\215\125\267\350\345\254\325\361\365
\031\126\246\132\373\220\034\257\223\353\345\034\324\147\227\135
\004\016\276\013\203\246\027\203\271\060\022\240\305\063\025\005
\271\015\373\307\005\166\343\330\112\215\374\064\027\243\306\041
\050\276\060\105\061\036\307\170\276\130\141\070\254\073\342\001
\145
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "COMODO Certification Authority"
# Issuer: CN=COMODO Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
# Serial Number:4e:81:2d:8a:82:65:e0:0b:02:ee:3e:35:02:46:e5:3d
# Subject: CN=COMODO Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
# Not Valid Before: Fri Dec 01 00:00:00 2006
# Not Valid After : Mon Dec 31 23:59:59 2029
# Fingerprint (MD5): 5C:48:DC:F7:42:72:EC:56:94:6D:1C:CC:71:35:80:75
@@ -8148,16 +8200,17 @@
\056\044\137\313\130\017\353\050\354\257\021\226\363\334\173\157
\300\247\210\362\123\167\263\140\136\256\256\050\332\065\054\157
\064\105\323\046\341\336\354\133\117\047\153\026\174\275\104\004
\030\202\263\211\171\027\020\161\075\172\242\026\116\365\001\315
\244\154\145\150\241\111\166\134\103\311\330\274\066\147\154\245
\224\265\324\314\271\275\152\065\126\041\336\330\303\353\373\313
\244\140\114\260\125\240\240\173\127\262
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Network Solutions Certificate Authority"
# Issuer: CN=Network Solutions Certificate Authority,O=Network Solutions L.L.C.,C=US
# Serial Number:57:cb:33:6f:c2:5c:16:e6:47:16:17:e3:90:31:68:e0
# Subject: CN=Network Solutions Certificate Authority,O=Network Solutions L.L.C.,C=US
# Not Valid Before: Fri Dec 01 00:00:00 2006
# Not Valid After : Mon Dec 31 23:59:59 2029
# Fingerprint (MD5): D3:F3:A6:16:C0:FA:6B:1D:59:B1:2D:96:4D:0E:11:2E
@@ -8188,177 +8241,16 @@
\150\340
END
CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
#
-# Certificate "WellsSecure Public Root Certificate Authority"
-#
-# Issuer: CN=WellsSecure Public Root Certificate Authority,OU=Wells Fargo Bank NA,O=Wells Fargo WellsSecure,C=US
-# Serial Number: 1 (0x1)
-# Subject: CN=WellsSecure Public Root Certificate Authority,OU=Wells Fargo Bank NA,O=Wells Fargo WellsSecure,C=US
-# Not Valid Before: Thu Dec 13 17:07:54 2007
-# Not Valid After : Wed Dec 14 00:07:54 2022
-# Fingerprint (MD5): 15:AC:A5:C2:92:2D:79:BC:E8:7F:CB:67:ED:02:CF:36
-# Fingerprint (SHA1): E7:B4:F6:9D:61:EC:90:69:DB:7E:90:A7:40:1A:3C:F4:7D:4F:E8:EE
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "WellsSecure Public Root Certificate Authority"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\205\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\040\060\036\006\003\125\004\012\014\027\127\145\154\154\163
-\040\106\141\162\147\157\040\127\145\154\154\163\123\145\143\165
-\162\145\061\034\060\032\006\003\125\004\013\014\023\127\145\154
-\154\163\040\106\141\162\147\157\040\102\141\156\153\040\116\101
-\061\066\060\064\006\003\125\004\003\014\055\127\145\154\154\163
-\123\145\143\165\162\145\040\120\165\142\154\151\143\040\122\157
-\157\164\040\103\145\162\164\151\146\151\143\141\164\145\040\101
-\165\164\150\157\162\151\164\171
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\205\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\040\060\036\006\003\125\004\012\014\027\127\145\154\154\163
-\040\106\141\162\147\157\040\127\145\154\154\163\123\145\143\165
-\162\145\061\034\060\032\006\003\125\004\013\014\023\127\145\154
-\154\163\040\106\141\162\147\157\040\102\141\156\153\040\116\101
-\061\066\060\064\006\003\125\004\003\014\055\127\145\154\154\163
-\123\145\143\165\162\145\040\120\165\142\154\151\143\040\122\157
-\157\164\040\103\145\162\164\151\146\151\143\141\164\145\040\101
-\165\164\150\157\162\151\164\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\275\060\202\003\245\240\003\002\001\002\002\001\001
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
-\201\205\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\040\060\036\006\003\125\004\012\014\027\127\145\154\154\163\040
-\106\141\162\147\157\040\127\145\154\154\163\123\145\143\165\162
-\145\061\034\060\032\006\003\125\004\013\014\023\127\145\154\154
-\163\040\106\141\162\147\157\040\102\141\156\153\040\116\101\061
-\066\060\064\006\003\125\004\003\014\055\127\145\154\154\163\123
-\145\143\165\162\145\040\120\165\142\154\151\143\040\122\157\157
-\164\040\103\145\162\164\151\146\151\143\141\164\145\040\101\165
-\164\150\157\162\151\164\171\060\036\027\015\060\067\061\062\061
-\063\061\067\060\067\065\064\132\027\015\062\062\061\062\061\064
-\060\060\060\067\065\064\132\060\201\205\061\013\060\011\006\003
-\125\004\006\023\002\125\123\061\040\060\036\006\003\125\004\012
-\014\027\127\145\154\154\163\040\106\141\162\147\157\040\127\145
-\154\154\163\123\145\143\165\162\145\061\034\060\032\006\003\125
-\004\013\014\023\127\145\154\154\163\040\106\141\162\147\157\040
-\102\141\156\153\040\116\101\061\066\060\064\006\003\125\004\003
-\014\055\127\145\154\154\163\123\145\143\165\162\145\040\120\165
-\142\154\151\143\040\122\157\157\164\040\103\145\162\164\151\146
-\151\143\141\164\145\040\101\165\164\150\157\162\151\164\171\060
-\202\001\042\060\015\006\011\052\206\110\206\367\015\001\001\001
-\005\000\003\202\001\017\000\060\202\001\012\002\202\001\001\000
-\356\157\264\275\171\342\217\010\041\236\070\004\101\045\357\253
-\133\034\123\222\254\155\236\335\302\304\056\105\224\003\065\210
-\147\164\127\343\337\214\270\247\166\217\073\367\250\304\333\051
-\143\016\221\150\066\212\227\216\212\161\150\011\007\344\350\324
-\016\117\370\326\053\114\244\026\371\357\103\230\217\263\236\122
-\337\155\221\071\217\070\275\167\213\103\143\353\267\223\374\060
-\114\034\001\223\266\023\373\367\241\037\277\045\341\164\067\054
-\036\244\136\074\150\370\113\277\015\271\036\056\066\350\251\344
-\247\370\017\313\202\165\174\065\055\042\326\302\277\013\363\264
-\374\154\225\141\036\127\327\004\201\062\203\122\171\346\203\143
-\317\267\313\143\213\021\342\275\136\353\366\215\355\225\162\050
-\264\254\022\142\351\112\063\346\203\062\256\005\165\225\275\204
-\225\333\052\134\233\216\056\014\270\201\053\101\346\070\126\237
-\111\233\154\166\372\212\135\367\001\171\201\174\301\203\100\005
-\376\161\375\014\077\314\116\140\011\016\145\107\020\057\001\300
-\005\077\217\370\263\101\357\132\102\176\131\357\322\227\014\145
-\002\003\001\000\001\243\202\001\064\060\202\001\060\060\017\006
-\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060\071
-\006\003\125\035\037\004\062\060\060\060\056\240\054\240\052\206
-\050\150\164\164\160\072\057\057\143\162\154\056\160\153\151\056
-\167\145\154\154\163\146\141\162\147\157\056\143\157\155\057\167
-\163\160\162\143\141\056\143\162\154\060\016\006\003\125\035\017
-\001\001\377\004\004\003\002\001\306\060\035\006\003\125\035\016
-\004\026\004\024\046\225\031\020\331\350\241\227\221\377\334\031
-\331\265\004\076\322\163\012\152\060\201\262\006\003\125\035\043
-\004\201\252\060\201\247\200\024\046\225\031\020\331\350\241\227
-\221\377\334\031\331\265\004\076\322\163\012\152\241\201\213\244
-\201\210\060\201\205\061\013\060\011\006\003\125\004\006\023\002
-\125\123\061\040\060\036\006\003\125\004\012\014\027\127\145\154
-\154\163\040\106\141\162\147\157\040\127\145\154\154\163\123\145
-\143\165\162\145\061\034\060\032\006\003\125\004\013\014\023\127
-\145\154\154\163\040\106\141\162\147\157\040\102\141\156\153\040
-\116\101\061\066\060\064\006\003\125\004\003\014\055\127\145\154
-\154\163\123\145\143\165\162\145\040\120\165\142\154\151\143\040
-\122\157\157\164\040\103\145\162\164\151\146\151\143\141\164\145
-\040\101\165\164\150\157\162\151\164\171\202\001\001\060\015\006
-\011\052\206\110\206\367\015\001\001\005\005\000\003\202\001\001
-\000\271\025\261\104\221\314\043\310\053\115\167\343\370\232\173
-\047\015\315\162\273\231\000\312\174\146\031\120\306\325\230\355
-\253\277\003\132\345\115\345\036\310\117\161\227\206\325\343\035
-\375\220\311\074\165\167\127\172\175\370\336\364\324\325\367\225
-\346\164\156\035\074\256\174\235\333\002\003\005\054\161\113\045
-\076\007\343\136\232\365\146\027\051\210\032\070\237\317\252\101
-\003\204\227\153\223\070\172\312\060\104\033\044\104\063\320\344
-\321\334\050\070\364\023\103\065\065\051\143\250\174\242\265\255
-\070\244\355\255\375\306\232\037\377\227\163\376\373\263\065\247
-\223\206\306\166\221\000\346\254\121\026\304\047\062\134\333\163
-\332\245\223\127\216\076\155\065\046\010\131\325\347\104\327\166
-\040\143\347\254\023\147\303\155\261\160\106\174\325\226\021\075
-\211\157\135\250\241\353\215\012\332\303\035\063\154\243\352\147
-\031\232\231\177\113\075\203\121\052\035\312\057\206\014\242\176
-\020\055\053\324\026\225\013\007\252\056\024\222\111\267\051\157
-\330\155\061\175\365\374\241\020\007\207\316\057\131\334\076\130
-\333
-END
-
-# Trust for Certificate "WellsSecure Public Root Certificate Authority"
-# Issuer: CN=WellsSecure Public Root Certificate Authority,OU=Wells Fargo Bank NA,O=Wells Fargo WellsSecure,C=US
-# Serial Number: 1 (0x1)
-# Subject: CN=WellsSecure Public Root Certificate Authority,OU=Wells Fargo Bank NA,O=Wells Fargo WellsSecure,C=US
-# Not Valid Before: Thu Dec 13 17:07:54 2007
-# Not Valid After : Wed Dec 14 00:07:54 2022
-# Fingerprint (MD5): 15:AC:A5:C2:92:2D:79:BC:E8:7F:CB:67:ED:02:CF:36
-# Fingerprint (SHA1): E7:B4:F6:9D:61:EC:90:69:DB:7E:90:A7:40:1A:3C:F4:7D:4F:E8:EE
-CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "WellsSecure Public Root Certificate Authority"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\347\264\366\235\141\354\220\151\333\176\220\247\100\032\074\364
-\175\117\350\356
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\025\254\245\302\222\055\171\274\350\177\313\147\355\002\317\066
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\205\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\040\060\036\006\003\125\004\012\014\027\127\145\154\154\163
-\040\106\141\162\147\157\040\127\145\154\154\163\123\145\143\165
-\162\145\061\034\060\032\006\003\125\004\013\014\023\127\145\154
-\154\163\040\106\141\162\147\157\040\102\141\156\153\040\116\101
-\061\066\060\064\006\003\125\004\003\014\055\127\145\154\154\163
-\123\145\143\165\162\145\040\120\165\142\154\151\143\040\122\157
-\157\164\040\103\145\162\164\151\146\151\143\141\164\145\040\101
-\165\164\150\157\162\151\164\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
-CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
-
-#
# Certificate "COMODO ECC Certification Authority"
#
# Issuer: CN=COMODO ECC Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
# Serial Number:1f:47:af:aa:62:00:70:50:54:4c:01:9e:9b:63:99:2a
# Subject: CN=COMODO ECC Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
# Not Valid Before: Thu Mar 06 00:00:00 2008
# Not Valid After : Mon Jan 18 23:59:59 2038
# Fingerprint (MD5): 7C:62:FF:74:9D:31:53:5E:68:4A:D5:78:AA:1E:BF:23
@@ -8434,16 +8326,17 @@
\004\003\003\003\150\000\060\145\002\061\000\357\003\133\172\254
\267\170\012\162\267\210\337\377\265\106\024\011\012\372\240\346
\175\010\306\032\207\275\030\250\163\275\046\312\140\014\235\316
\231\237\317\134\017\060\341\276\024\061\352\002\060\024\364\223
\074\111\247\063\172\220\106\107\263\143\175\023\233\116\267\157
\030\067\200\123\376\335\040\340\065\232\066\321\307\001\271\346
\334\335\363\377\035\054\072\026\127\331\222\071\326
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "COMODO ECC Certification Authority"
# Issuer: CN=COMODO ECC Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
# Serial Number:1f:47:af:aa:62:00:70:50:54:4c:01:9e:9b:63:99:2a
# Subject: CN=COMODO ECC Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
# Not Valid Before: Thu Mar 06 00:00:00 2008
# Not Valid After : Mon Jan 18 23:59:59 2038
# Fingerprint (MD5): 7C:62:FF:74:9D:31:53:5E:68:4A:D5:78:AA:1E:BF:23
@@ -8741,16 +8634,17 @@
\250\215\376\206\076\007\026\222\341\173\347\035\354\063\166\176
\102\056\112\205\371\221\211\150\204\003\201\245\233\232\276\343
\067\305\124\253\126\073\030\055\101\244\014\370\102\333\231\240
\340\162\157\273\135\341\026\117\123\012\144\371\116\364\277\116
\124\275\170\154\210\352\277\234\023\044\302\160\151\242\177\017
\310\074\255\010\311\260\230\100\243\052\347\210\203\355\167\217
\164
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Security Communication EV RootCA1"
# Issuer: OU=Security Communication EV RootCA1,O="SECOM Trust Systems CO.,LTD.",C=JP
# Serial Number: 0 (0x0)
# Subject: OU=Security Communication EV RootCA1,O="SECOM Trust Systems CO.,LTD.",C=JP
# Not Valid Before: Wed Jun 06 02:12:32 2007
# Not Valid After : Sat Jun 06 02:12:32 2037
# Fingerprint (MD5): 22:2D:A6:01:EA:7C:0A:F7:F0:6C:56:43:3F:77:76:D3
@@ -8888,16 +8782,17 @@
\204\325\120\003\266\342\204\243\246\066\252\021\072\001\341\030
\113\326\104\150\263\075\371\123\164\204\263\106\221\106\226\000
\267\200\054\266\341\343\020\342\333\242\347\050\217\001\226\142
\026\076\000\343\034\245\066\201\030\242\114\122\166\300\021\243
\156\346\035\272\343\132\276\066\123\305\076\165\217\206\151\051
\130\123\265\234\273\157\237\134\305\030\354\335\057\341\230\311
\374\276\337\012\015
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "OISTE WISeKey Global Root GA CA"
# Issuer: CN=OISTE WISeKey Global Root GA CA,OU=OISTE Foundation Endorsed,OU=Copyright (c) 2005,O=WISeKey,C=CH
# Serial Number:41:3d:72:c7:f4:6b:1f:81:43:7d:f1:d2:28:54:df:9a
# Subject: CN=OISTE WISeKey Global Root GA CA,OU=OISTE Foundation Endorsed,OU=Copyright (c) 2005,O=WISeKey,C=CH
# Not Valid Before: Sun Dec 11 16:03:44 2005
# Not Valid After : Fri Dec 11 16:09:51 2037
# Fingerprint (MD5): BC:6C:51:33:A7:E9:D3:66:63:54:15:72:1B:21:92:93
@@ -8930,222 +8825,16 @@
\337\232
END
CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
#
-# Certificate "Microsec e-Szigno Root CA"
-#
-# Issuer: CN=Microsec e-Szigno Root CA,OU=e-Szigno CA,O=Microsec Ltd.,L=Budapest,C=HU
-# Serial Number:00:cc:b8:e7:bf:4e:29:1a:fd:a2:dc:66:a5:1c:2c:0f:11
-# Subject: CN=Microsec e-Szigno Root CA,OU=e-Szigno CA,O=Microsec Ltd.,L=Budapest,C=HU
-# Not Valid Before: Wed Apr 06 12:28:44 2005
-# Not Valid After : Thu Apr 06 12:28:44 2017
-# Fingerprint (MD5): F0:96:B6:2F:C5:10:D5:67:8E:83:25:32:E8:5E:2E:E5
-# Fingerprint (SHA1): 23:88:C9:D3:71:CC:9E:96:3D:FF:7D:3C:A7:CE:FC:D6:25:EC:19:0D
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Microsec e-Szigno Root CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\162\061\013\060\011\006\003\125\004\006\023\002\110\125\061
-\021\060\017\006\003\125\004\007\023\010\102\165\144\141\160\145
-\163\164\061\026\060\024\006\003\125\004\012\023\015\115\151\143
-\162\157\163\145\143\040\114\164\144\056\061\024\060\022\006\003
-\125\004\013\023\013\145\055\123\172\151\147\156\157\040\103\101
-\061\042\060\040\006\003\125\004\003\023\031\115\151\143\162\157
-\163\145\143\040\145\055\123\172\151\147\156\157\040\122\157\157
-\164\040\103\101
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\162\061\013\060\011\006\003\125\004\006\023\002\110\125\061
-\021\060\017\006\003\125\004\007\023\010\102\165\144\141\160\145
-\163\164\061\026\060\024\006\003\125\004\012\023\015\115\151\143
-\162\157\163\145\143\040\114\164\144\056\061\024\060\022\006\003
-\125\004\013\023\013\145\055\123\172\151\147\156\157\040\103\101
-\061\042\060\040\006\003\125\004\003\023\031\115\151\143\162\157
-\163\145\143\040\145\055\123\172\151\147\156\157\040\122\157\157
-\164\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\021\000\314\270\347\277\116\051\032\375\242\334\146\245\034
-\054\017\021
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\007\250\060\202\006\220\240\003\002\001\002\002\021\000
-\314\270\347\277\116\051\032\375\242\334\146\245\034\054\017\021
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
-\162\061\013\060\011\006\003\125\004\006\023\002\110\125\061\021
-\060\017\006\003\125\004\007\023\010\102\165\144\141\160\145\163
-\164\061\026\060\024\006\003\125\004\012\023\015\115\151\143\162
-\157\163\145\143\040\114\164\144\056\061\024\060\022\006\003\125
-\004\013\023\013\145\055\123\172\151\147\156\157\040\103\101\061
-\042\060\040\006\003\125\004\003\023\031\115\151\143\162\157\163
-\145\143\040\145\055\123\172\151\147\156\157\040\122\157\157\164
-\040\103\101\060\036\027\015\060\065\060\064\060\066\061\062\062
-\070\064\064\132\027\015\061\067\060\064\060\066\061\062\062\070
-\064\064\132\060\162\061\013\060\011\006\003\125\004\006\023\002
-\110\125\061\021\060\017\006\003\125\004\007\023\010\102\165\144
-\141\160\145\163\164\061\026\060\024\006\003\125\004\012\023\015
-\115\151\143\162\157\163\145\143\040\114\164\144\056\061\024\060
-\022\006\003\125\004\013\023\013\145\055\123\172\151\147\156\157
-\040\103\101\061\042\060\040\006\003\125\004\003\023\031\115\151
-\143\162\157\163\145\143\040\145\055\123\172\151\147\156\157\040
-\122\157\157\164\040\103\101\060\202\001\042\060\015\006\011\052
-\206\110\206\367\015\001\001\001\005\000\003\202\001\017\000\060
-\202\001\012\002\202\001\001\000\355\310\000\325\201\173\315\070
-\000\107\314\333\204\301\041\151\054\164\220\014\041\331\123\207
-\355\076\103\104\123\257\253\370\200\233\074\170\215\324\215\256
-\270\357\323\021\334\201\346\317\073\226\214\326\157\025\306\167
-\176\241\057\340\137\222\266\047\327\166\232\035\103\074\352\331
-\354\057\356\071\363\152\147\113\213\202\317\042\370\145\125\376
-\054\313\057\175\110\172\075\165\371\252\240\047\273\170\302\006
-\312\121\302\176\146\113\257\315\242\247\115\002\202\077\202\254
-\205\306\341\017\220\107\231\224\012\161\162\223\052\311\246\300
-\276\074\126\114\163\222\047\361\153\265\365\375\374\060\005\140
-\222\306\353\226\176\001\221\302\151\261\036\035\173\123\105\270
-\334\101\037\311\213\161\326\124\024\343\213\124\170\077\276\364
-\142\073\133\365\243\354\325\222\164\342\164\060\357\001\333\341
-\324\253\231\233\052\153\370\275\246\034\206\043\102\137\354\111
-\336\232\213\133\364\162\072\100\305\111\076\245\276\216\252\161
-\353\154\372\365\032\344\152\375\173\175\125\100\357\130\156\346
-\331\325\274\044\253\301\357\267\002\003\001\000\001\243\202\004
-\067\060\202\004\063\060\147\006\010\053\006\001\005\005\007\001
-\001\004\133\060\131\060\050\006\010\053\006\001\005\005\007\060
-\001\206\034\150\164\164\160\163\072\057\057\162\143\141\056\145
-\055\163\172\151\147\156\157\056\150\165\057\157\143\163\160\060
-\055\006\010\053\006\001\005\005\007\060\002\206\041\150\164\164
-\160\072\057\057\167\167\167\056\145\055\163\172\151\147\156\157
-\056\150\165\057\122\157\157\164\103\101\056\143\162\164\060\017
-\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060
-\202\001\163\006\003\125\035\040\004\202\001\152\060\202\001\146
-\060\202\001\142\006\014\053\006\001\004\001\201\250\030\002\001
-\001\001\060\202\001\120\060\050\006\010\053\006\001\005\005\007
-\002\001\026\034\150\164\164\160\072\057\057\167\167\167\056\145
-\055\163\172\151\147\156\157\056\150\165\057\123\132\123\132\057
-\060\202\001\042\006\010\053\006\001\005\005\007\002\002\060\202
-\001\024\036\202\001\020\000\101\000\040\000\164\000\141\000\156
-\000\372\000\163\000\355\000\164\000\166\000\341\000\156\000\171
-\000\040\000\351\000\162\000\164\000\145\000\154\000\155\000\145
-\000\172\000\351\000\163\000\351\000\150\000\145\000\172\000\040
-\000\351\000\163\000\040\000\145\000\154\000\146\000\157\000\147
-\000\141\000\144\000\341\000\163\000\341\000\150\000\157\000\172
-\000\040\000\141\000\040\000\123\000\172\000\157\000\154\000\147
-\000\341\000\154\000\164\000\141\000\164\000\363\000\040\000\123
-\000\172\000\157\000\154\000\147\000\341\000\154\000\164\000\141
-\000\164\000\341\000\163\000\151\000\040\000\123\000\172\000\141
-\000\142\000\341\000\154\000\171\000\172\000\141\000\164\000\141
-\000\040\000\163\000\172\000\145\000\162\000\151\000\156\000\164
-\000\040\000\153\000\145\000\154\000\154\000\040\000\145\000\154
-\000\152\000\341\000\162\000\156\000\151\000\072\000\040\000\150
-\000\164\000\164\000\160\000\072\000\057\000\057\000\167\000\167
-\000\167\000\056\000\145\000\055\000\163\000\172\000\151\000\147
-\000\156\000\157\000\056\000\150\000\165\000\057\000\123\000\132
-\000\123\000\132\000\057\060\201\310\006\003\125\035\037\004\201
-\300\060\201\275\060\201\272\240\201\267\240\201\264\206\041\150
-\164\164\160\072\057\057\167\167\167\056\145\055\163\172\151\147
-\156\157\056\150\165\057\122\157\157\164\103\101\056\143\162\154
-\206\201\216\154\144\141\160\072\057\057\154\144\141\160\056\145
-\055\163\172\151\147\156\157\056\150\165\057\103\116\075\115\151
-\143\162\157\163\145\143\045\062\060\145\055\123\172\151\147\156
-\157\045\062\060\122\157\157\164\045\062\060\103\101\054\117\125
-\075\145\055\123\172\151\147\156\157\045\062\060\103\101\054\117
-\075\115\151\143\162\157\163\145\143\045\062\060\114\164\144\056
-\054\114\075\102\165\144\141\160\145\163\164\054\103\075\110\125
-\077\143\145\162\164\151\146\151\143\141\164\145\122\145\166\157
-\143\141\164\151\157\156\114\151\163\164\073\142\151\156\141\162
-\171\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001
-\006\060\201\226\006\003\125\035\021\004\201\216\060\201\213\201
-\020\151\156\146\157\100\145\055\163\172\151\147\156\157\056\150
-\165\244\167\060\165\061\043\060\041\006\003\125\004\003\014\032
-\115\151\143\162\157\163\145\143\040\145\055\123\172\151\147\156
-\303\263\040\122\157\157\164\040\103\101\061\026\060\024\006\003
-\125\004\013\014\015\145\055\123\172\151\147\156\303\263\040\110
-\123\132\061\026\060\024\006\003\125\004\012\023\015\115\151\143
-\162\157\163\145\143\040\113\146\164\056\061\021\060\017\006\003
-\125\004\007\023\010\102\165\144\141\160\145\163\164\061\013\060
-\011\006\003\125\004\006\023\002\110\125\060\201\254\006\003\125
-\035\043\004\201\244\060\201\241\200\024\307\240\111\165\026\141
-\204\333\061\113\204\322\361\067\100\220\357\116\334\367\241\166
-\244\164\060\162\061\013\060\011\006\003\125\004\006\023\002\110
-\125\061\021\060\017\006\003\125\004\007\023\010\102\165\144\141
-\160\145\163\164\061\026\060\024\006\003\125\004\012\023\015\115
-\151\143\162\157\163\145\143\040\114\164\144\056\061\024\060\022
-\006\003\125\004\013\023\013\145\055\123\172\151\147\156\157\040
-\103\101\061\042\060\040\006\003\125\004\003\023\031\115\151\143
-\162\157\163\145\143\040\145\055\123\172\151\147\156\157\040\122
-\157\157\164\040\103\101\202\021\000\314\270\347\277\116\051\032
-\375\242\334\146\245\034\054\017\021\060\035\006\003\125\035\016
-\004\026\004\024\307\240\111\165\026\141\204\333\061\113\204\322
-\361\067\100\220\357\116\334\367\060\015\006\011\052\206\110\206
-\367\015\001\001\005\005\000\003\202\001\001\000\323\023\234\146
-\143\131\056\312\134\160\014\374\203\274\125\261\364\216\007\154
-\146\047\316\301\073\040\251\034\273\106\124\160\356\132\314\240
-\167\352\150\104\047\353\362\051\335\167\251\325\373\343\324\247
-\004\304\225\270\013\341\104\150\140\007\103\060\061\102\141\345
-\356\331\345\044\325\033\337\341\112\033\252\237\307\137\370\172
-\021\352\023\223\000\312\212\130\261\356\355\016\115\264\327\250
-\066\046\174\340\072\301\325\127\202\361\165\266\375\211\137\332
-\363\250\070\237\065\006\010\316\042\225\276\315\325\374\276\133
-\336\171\153\334\172\251\145\146\276\261\045\132\137\355\176\323
-\254\106\155\114\364\062\207\264\040\004\340\154\170\260\167\321
-\205\106\113\246\022\267\165\350\112\311\126\154\327\222\253\235
-\365\111\070\322\117\123\343\125\220\021\333\230\226\306\111\362
-\076\364\237\033\340\367\210\334\045\142\231\104\330\163\277\077
-\060\363\014\067\076\324\302\050\200\163\261\001\267\235\132\226
-\024\001\113\251\021\235\051\152\056\320\135\201\300\317\262\040
-\103\307\003\340\067\116\135\012\334\131\040\045
-END
-
-# Trust for Certificate "Microsec e-Szigno Root CA"
-# Issuer: CN=Microsec e-Szigno Root CA,OU=e-Szigno CA,O=Microsec Ltd.,L=Budapest,C=HU
-# Serial Number:00:cc:b8:e7:bf:4e:29:1a:fd:a2:dc:66:a5:1c:2c:0f:11
-# Subject: CN=Microsec e-Szigno Root CA,OU=e-Szigno CA,O=Microsec Ltd.,L=Budapest,C=HU
-# Not Valid Before: Wed Apr 06 12:28:44 2005
-# Not Valid After : Thu Apr 06 12:28:44 2017
-# Fingerprint (MD5): F0:96:B6:2F:C5:10:D5:67:8E:83:25:32:E8:5E:2E:E5
-# Fingerprint (SHA1): 23:88:C9:D3:71:CC:9E:96:3D:FF:7D:3C:A7:CE:FC:D6:25:EC:19:0D
-CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Microsec e-Szigno Root CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\043\210\311\323\161\314\236\226\075\377\175\074\247\316\374\326
-\045\354\031\015
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\360\226\266\057\305\020\325\147\216\203\045\062\350\136\056\345
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\162\061\013\060\011\006\003\125\004\006\023\002\110\125\061
-\021\060\017\006\003\125\004\007\023\010\102\165\144\141\160\145
-\163\164\061\026\060\024\006\003\125\004\012\023\015\115\151\143
-\162\157\163\145\143\040\114\164\144\056\061\024\060\022\006\003
-\125\004\013\023\013\145\055\123\172\151\147\156\157\040\103\101
-\061\042\060\040\006\003\125\004\003\023\031\115\151\143\162\157
-\163\145\143\040\145\055\123\172\151\147\156\157\040\122\157\157
-\164\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\021\000\314\270\347\277\116\051\032\375\242\334\146\245\034
-\054\017\021
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
-CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
-
-#
# Certificate "Certigna"
#
# Issuer: CN=Certigna,O=Dhimyotis,C=FR
# Serial Number:00:fe:dc:e3:01:0f:c9:48:ff
# Subject: CN=Certigna,O=Dhimyotis,C=FR
# Not Valid Before: Fri Jun 29 15:13:05 2007
# Not Valid After : Tue Jun 29 15:13:05 2027
# Fingerprint (MD5): AB:57:A6:5B:7D:42:82:19:B5:D8:58:26:28:5E:FD:FF
@@ -9228,16 +8917,17 @@
\013\221\003\165\054\154\162\265\141\225\232\015\213\271\015\347
\365\337\124\315\336\346\330\326\011\010\227\143\345\301\056\260
\267\104\046\300\046\300\257\125\060\236\073\325\066\052\031\004
\364\134\036\377\317\054\267\377\320\375\207\100\021\325\021\043
\273\110\300\041\251\244\050\055\375\025\370\260\116\053\364\060
\133\041\374\021\221\064\276\101\357\173\235\227\165\377\227\225
\300\226\130\057\352\273\106\327\273\344\331\056
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Certigna"
# Issuer: CN=Certigna,O=Dhimyotis,C=FR
# Serial Number:00:fe:dc:e3:01:0f:c9:48:ff
# Subject: CN=Certigna,O=Dhimyotis,C=FR
# Not Valid Before: Fri Jun 29 15:13:05 2007
# Not Valid After : Tue Jun 29 15:13:05 2027
# Fingerprint (MD5): AB:57:A6:5B:7D:42:82:19:B5:D8:58:26:28:5E:FD:FF
@@ -9409,16 +9099,17 @@
\104\276\141\106\241\204\075\010\047\114\201\040\167\211\010\352
\147\100\136\154\010\121\137\064\132\214\226\150\315\327\367\211
\302\034\323\062\000\257\122\313\323\140\133\052\072\107\176\153
\060\063\241\142\051\177\112\271\341\055\347\024\043\016\016\030
\107\341\171\374\025\125\320\261\374\045\161\143\165\063\034\043
\053\257\134\331\355\107\167\140\016\073\017\036\322\300\334\144
\005\211\374\170\326\134\054\046\103\251
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "AC Raiz Certicamara S.A."
# Issuer: CN=AC Ra..z Certic..mara S.A.,O=Sociedad Cameral de Certificaci..n Digital - Certic..mara S.A.,C=CO
# Serial Number:07:7e:52:93:7b:e0:15:e3:57:f0:69:8c:cb:ec:0c
# Subject: CN=AC Ra..z Certic..mara S.A.,O=Sociedad Cameral de Certificaci..n Digital - Certic..mara S.A.,C=CO
# Not Valid Before: Mon Nov 27 20:46:29 2006
# Not Valid After : Tue Apr 02 21:42:02 2030
# Fingerprint (MD5): 93:2A:3E:F6:FD:23:69:0D:71:20:D4:2B:47:99:2B:A6
@@ -9566,16 +9257,17 @@
\334\071\361\305\162\243\021\003\375\073\102\122\051\333\350\001
\367\233\136\214\326\215\206\116\031\372\274\034\276\305\041\245
\207\236\170\056\066\333\011\161\243\162\064\370\154\343\006\011
\362\136\126\245\323\335\230\372\324\346\006\364\360\266\040\143
\113\352\051\275\252\202\146\036\373\201\252\247\067\255\023\030
\346\222\303\201\301\063\273\210\036\241\347\342\264\275\061\154
\016\121\075\157\373\226\126\200\342\066\027\321\334\344
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "TC TrustCenter Class 3 CA II"
# Issuer: CN=TC TrustCenter Class 3 CA II,OU=TC TrustCenter Class 3 CA,O=TC TrustCenter GmbH,C=DE
# Serial Number:4a:47:00:01:00:02:e5:a0:5d:d6:3f:00:51:bf
# Subject: CN=TC TrustCenter Class 3 CA II,OU=TC TrustCenter Class 3 CA,O=TC TrustCenter GmbH,C=DE
# Not Valid Before: Thu Jan 12 14:41:57 2006
# Not Valid After : Wed Dec 31 22:59:59 2025
# Fingerprint (MD5): 56:5F:AA:80:61:12:17:F6:67:21:E6:2B:6D:61:56:8E
@@ -9706,16 +9398,17 @@
\332\347\212\067\041\276\131\143\340\362\205\210\061\123\324\124
\024\205\160\171\364\056\006\167\047\165\057\037\270\212\371\376
\305\272\330\066\344\203\354\347\145\267\277\143\132\363\106\257
\201\224\067\324\101\214\326\043\326\036\317\365\150\033\104\143
\242\132\272\247\065\131\241\345\160\005\233\016\043\127\231\224
\012\155\272\071\143\050\206\222\363\030\204\330\373\321\317\005
\126\144\127
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Deutsche Telekom Root CA 2"
# Issuer: CN=Deutsche Telekom Root CA 2,OU=T-TeleSec Trust Center,O=Deutsche Telekom AG,C=DE
# Serial Number: 38 (0x26)
# Subject: CN=Deutsche Telekom Root CA 2,OU=T-TeleSec Trust Center,O=Deutsche Telekom AG,C=DE
# Not Valid Before: Fri Jul 09 12:11:00 1999
# Not Valid After : Tue Jul 09 23:59:00 2019
# Fingerprint (MD5): 74:01:4A:91:B1:08:C4:58:CE:47:CD:F0:DD:11:53:08
@@ -9838,16 +9531,17 @@
\205\272\115\355\050\062\353\371\141\112\344\304\066\036\031\334
\157\204\021\037\225\365\203\050\030\250\063\222\103\047\335\135
\023\004\105\117\207\325\106\315\075\250\272\360\363\270\126\044
\105\353\067\307\341\166\117\162\071\030\337\176\164\162\307\163
\055\071\352\140\346\255\021\242\126\207\173\303\150\232\376\370
\214\160\250\337\145\062\364\244\100\214\241\302\104\003\016\224
\000\147\240\161\000\202\110
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "ComSign CA"
# Issuer: C=IL,O=ComSign,CN=ComSign CA
# Serial Number:14:13:96:83:14:55:8c:ea:7b:63:e5:fc:34:87:77:44
# Subject: C=IL,O=ComSign,CN=ComSign CA
# Not Valid Before: Wed Mar 24 11:32:18 2004
# Not Valid After : Mon Mar 19 15:02:18 2029
# Fingerprint (MD5): CD:F4:39:F3:B5:18:50:D7:3E:A4:C5:91:A0:3E:21:4B
@@ -9968,16 +9662,17 @@
\275\224\000\231\277\021\245\334\340\171\305\026\013\175\002\141
\035\352\205\371\002\025\117\347\132\211\116\024\157\343\067\113
\205\365\301\074\141\340\375\005\101\262\222\177\303\035\240\320
\256\122\144\140\153\030\306\046\234\330\365\144\344\066\032\142
\237\212\017\076\377\155\116\031\126\116\040\221\154\237\064\063
\072\064\127\120\072\157\201\136\006\306\365\076\174\116\216\053
\316\145\006\056\135\322\052\123\164\136\323\156\047\236\217
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "ComSign Secured CA"
# Issuer: C=IL,O=ComSign,CN=ComSign Secured CA
# Serial Number:00:c7:28:47:09:b3:b8:6c:45:8c:1d:fa:24:f5:36:4e:e9
# Subject: C=IL,O=ComSign,CN=ComSign Secured CA
# Not Valid Before: Wed Mar 24 11:37:20 2004
# Not Valid After : Fri Mar 16 15:04:56 2029
# Fingerprint (MD5): 40:01:25:06:8D:21:43:6A:0E:43:00:9C:E7:43:F3:D5
@@ -10097,16 +9792,17 @@
\017\124\335\203\273\237\321\217\247\123\163\303\313\377\060\354
\174\004\270\330\104\037\223\137\161\011\042\267\156\076\352\034
\003\116\235\032\040\141\373\201\067\354\136\374\012\105\253\327
\347\027\125\320\240\352\140\233\246\366\343\214\133\051\302\006
\140\024\235\055\227\114\251\223\025\235\141\304\001\137\110\326
\130\275\126\061\022\116\021\310\041\340\263\021\221\145\333\264
\246\210\070\316\125
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Cybertrust Global Root"
# Issuer: CN=Cybertrust Global Root,O="Cybertrust, Inc"
# Serial Number:04:00:00:00:00:01:0f:85:aa:2d:48
# Subject: CN=Cybertrust Global Root,O="Cybertrust, Inc"
# Not Valid Before: Fri Dec 15 08:00:00 2006
# Not Valid After : Wed Dec 15 08:00:00 2021
# Fingerprint (MD5): 72:E4:4A:87:E3:69:40:80:77:EA:BC:E3:F4:FF:F0:E1
@@ -10263,16 +9959,17 @@
\115\343\061\325\307\354\350\362\260\376\222\036\026\012\032\374
\331\363\370\047\266\311\276\035\264\154\144\220\177\364\344\304
\133\327\067\256\102\016\335\244\032\157\174\210\124\305\026\156
\341\172\150\056\370\072\277\015\244\074\211\073\170\247\116\143
\203\004\041\010\147\215\362\202\111\320\133\375\261\315\017\203
\204\324\076\040\205\367\112\075\053\234\375\052\012\011\115\352
\201\370\021\234
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "ePKI Root Certification Authority"
# Issuer: OU=ePKI Root Certification Authority,O="Chunghwa Telecom Co., Ltd.",C=TW
# Serial Number:15:c8:bd:65:47:5c:af:b8:97:00:5e:e4:06:d2:bc:9d
# Subject: OU=ePKI Root Certification Authority,O="Chunghwa Telecom Co., Ltd.",C=TW
# Not Valid Before: Mon Dec 20 02:31:27 2004
# Not Valid After : Wed Dec 20 02:31:27 2034
# Fingerprint (MD5): 1B:2E:00:CA:26:06:90:3D:AD:FE:6F:15:68:D3:6B:B3
@@ -10447,16 +10144,17 @@
\200\262\136\014\112\023\236\040\330\142\100\253\220\352\144\112
\057\254\015\001\022\171\105\250\057\207\031\150\310\342\205\307
\060\262\165\371\070\077\262\300\223\264\153\342\003\104\316\147
\240\337\211\326\255\214\166\243\023\303\224\141\053\153\331\154
\301\007\012\042\007\205\154\205\044\106\251\276\077\213\170\204
\202\176\044\014\235\375\201\067\343\045\250\355\066\116\225\054
\311\234\220\332\354\251\102\074\255\266\002
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "TUBITAK UEKAE Kok Sertifika Hizmet Saglayicisi - Surum 3"
# Issuer: CN=T..B..TAK UEKAE K..k Sertifika Hizmet Sa..lay..c..s.. - S..r..m ...,OU=Kamu Sertifikasyon Merkezi,OU=Ulusal Elektronik ve Kriptoloji Ara..t..rma Enstit..s.. - UEKAE,O=T..rkiye Bilimsel ve Teknolojik Ara..t..rma Kurumu - T..B..TAK,L=Gebze - Kocaeli,C=TR
# Serial Number: 17 (0x11)
# Subject: CN=T..B..TAK UEKAE K..k Sertifika Hizmet Sa..lay..c..s.. - S..r..m ...,OU=Kamu Sertifikasyon Merkezi,OU=Ulusal Elektronik ve Kriptoloji Ara..t..rma Enstit..s.. - UEKAE,O=T..rkiye Bilimsel ve Teknolojik Ara..t..rma Kurumu - T..B..TAK,L=Gebze - Kocaeli,C=TR
# Not Valid Before: Fri Aug 24 11:37:07 2007
# Not Valid After : Mon Aug 21 11:37:07 2017
# Fingerprint (MD5): ED:41:F5:8C:50:C5:2B:9C:73:E6:EE:6C:EB:C2:A8:26
@@ -10583,16 +10281,17 @@
\045\335\141\047\043\034\265\061\007\004\066\264\032\220\275\240
\164\161\120\211\155\274\024\343\017\206\256\361\253\076\307\240
\011\314\243\110\321\340\333\144\347\222\265\317\257\162\103\160
\213\371\303\204\074\023\252\176\222\233\127\123\223\372\160\302
\221\016\061\371\233\147\135\351\226\070\136\137\263\163\116\210
\025\147\336\236\166\020\142\040\276\125\151\225\103\000\071\115
\366\356\260\132\116\111\104\124\130\137\102\203
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "certSIGN ROOT CA"
# Issuer: OU=certSIGN ROOT CA,O=certSIGN,C=RO
# Serial Number:20:06:05:16:70:02
# Subject: OU=certSIGN ROOT CA,O=certSIGN,C=RO
# Not Valid Before: Tue Jul 04 17:20:04 2006
# Not Valid After : Fri Jul 04 17:20:04 2031
# Fingerprint (MD5): 18:98:C0:D6:E9:3A:FC:F9:B0:F5:0C:F7:4B:01:44:17
@@ -10706,16 +10405,17 @@
\125\171\373\116\206\231\270\224\332\206\070\152\223\243\347\313
\156\345\337\352\041\125\211\234\175\175\177\230\365\000\211\356
\343\204\300\134\226\265\305\106\352\106\340\205\125\266\033\311
\022\326\301\315\315\200\363\002\001\074\310\151\313\105\110\143
\330\224\320\354\205\016\073\116\021\145\364\202\214\246\075\256
\056\042\224\011\310\134\352\074\201\135\026\052\003\227\026\125
\011\333\212\101\202\236\146\233\021
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "CNNIC ROOT"
# Issuer: CN=CNNIC ROOT,O=CNNIC,C=CN
# Serial Number: 1228079105 (0x49330001)
# Subject: CN=CNNIC ROOT,O=CNNIC,C=CN
# Not Valid Before: Mon Apr 16 07:09:14 2007
# Not Valid After : Fri Apr 16 07:09:14 2027
# Fingerprint (MD5): 21:BC:82:AB:49:C4:13:3B:4B:B2:2B:5C:6B:90:9C:19
@@ -10742,147 +10442,16 @@
\002\004\111\063\000\001
END
CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
#
-# Certificate "ApplicationCA - Japanese Government"
-#
-# Issuer: OU=ApplicationCA,O=Japanese Government,C=JP
-# Serial Number: 49 (0x31)
-# Subject: OU=ApplicationCA,O=Japanese Government,C=JP
-# Not Valid Before: Wed Dec 12 15:00:00 2007
-# Not Valid After : Tue Dec 12 15:00:00 2017
-# Fingerprint (MD5): 7E:23:4E:5B:A7:A5:B4:25:E9:00:07:74:11:62:AE:D6
-# Fingerprint (SHA1): 7F:8A:B0:CF:D0:51:87:6A:66:F3:36:0F:47:C8:8D:8C:D3:35:FC:74
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "ApplicationCA - Japanese Government"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\103\061\013\060\011\006\003\125\004\006\023\002\112\120\061
-\034\060\032\006\003\125\004\012\023\023\112\141\160\141\156\145
-\163\145\040\107\157\166\145\162\156\155\145\156\164\061\026\060
-\024\006\003\125\004\013\023\015\101\160\160\154\151\143\141\164
-\151\157\156\103\101
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\103\061\013\060\011\006\003\125\004\006\023\002\112\120\061
-\034\060\032\006\003\125\004\012\023\023\112\141\160\141\156\145
-\163\145\040\107\157\166\145\162\156\155\145\156\164\061\026\060
-\024\006\003\125\004\013\023\015\101\160\160\154\151\143\141\164
-\151\157\156\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\061
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\240\060\202\002\210\240\003\002\001\002\002\001\061
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
-\103\061\013\060\011\006\003\125\004\006\023\002\112\120\061\034
-\060\032\006\003\125\004\012\023\023\112\141\160\141\156\145\163
-\145\040\107\157\166\145\162\156\155\145\156\164\061\026\060\024
-\006\003\125\004\013\023\015\101\160\160\154\151\143\141\164\151
-\157\156\103\101\060\036\027\015\060\067\061\062\061\062\061\065
-\060\060\060\060\132\027\015\061\067\061\062\061\062\061\065\060
-\060\060\060\132\060\103\061\013\060\011\006\003\125\004\006\023
-\002\112\120\061\034\060\032\006\003\125\004\012\023\023\112\141
-\160\141\156\145\163\145\040\107\157\166\145\162\156\155\145\156
-\164\061\026\060\024\006\003\125\004\013\023\015\101\160\160\154
-\151\143\141\164\151\157\156\103\101\060\202\001\042\060\015\006
-\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001\017
-\000\060\202\001\012\002\202\001\001\000\247\155\340\164\116\207
-\217\245\006\336\150\242\333\206\231\113\144\015\161\360\012\005
-\233\216\252\341\314\056\322\152\073\301\172\264\227\141\215\212
-\276\306\232\234\006\264\206\121\344\067\016\164\170\176\137\212
-\177\224\244\327\107\010\375\120\132\126\344\150\254\050\163\240
-\173\351\177\030\222\100\117\055\235\365\256\104\110\163\066\006
-\236\144\054\073\064\043\333\134\046\344\161\171\217\324\156\171
-\042\271\223\301\312\315\301\126\355\210\152\327\240\071\041\004
-\127\054\242\365\274\107\101\117\136\064\042\225\265\037\051\155
-\136\112\363\115\162\276\101\126\040\207\374\351\120\107\327\060
-\024\356\134\214\125\272\131\215\207\374\043\336\223\320\004\214
-\375\357\155\275\320\172\311\245\072\152\162\063\306\112\015\005
-\027\052\055\173\261\247\330\326\360\276\364\077\352\016\050\155
-\101\141\043\166\170\303\270\145\244\363\132\256\314\302\252\331
-\347\130\336\266\176\235\205\156\237\052\012\157\237\003\051\060
-\227\050\035\274\267\317\124\051\116\121\061\371\047\266\050\046
-\376\242\143\346\101\026\360\063\230\107\002\003\001\000\001\243
-\201\236\060\201\233\060\035\006\003\125\035\016\004\026\004\024
-\124\132\313\046\077\161\314\224\106\015\226\123\352\153\110\320
-\223\376\102\165\060\016\006\003\125\035\017\001\001\377\004\004
-\003\002\001\006\060\131\006\003\125\035\021\004\122\060\120\244
-\116\060\114\061\013\060\011\006\003\125\004\006\023\002\112\120
-\061\030\060\026\006\003\125\004\012\014\017\346\227\245\346\234
-\254\345\233\275\346\224\277\345\272\234\061\043\060\041\006\003
-\125\004\013\014\032\343\202\242\343\203\227\343\203\252\343\202
-\261\343\203\274\343\202\267\343\203\247\343\203\263\103\101\060
-\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003
-\202\001\001\000\071\152\104\166\167\070\072\354\243\147\106\017
-\371\213\006\250\373\152\220\061\316\176\354\332\321\211\174\172
-\353\056\014\275\231\062\347\260\044\326\303\377\365\262\210\011
-\207\054\343\124\341\243\246\262\010\013\300\205\250\310\322\234
-\161\366\035\237\140\374\070\063\023\341\236\334\013\137\332\026
-\120\051\173\057\160\221\017\231\272\064\064\215\225\164\305\176
-\170\251\146\135\275\312\041\167\102\020\254\146\046\075\336\221
-\253\375\025\360\157\355\154\137\020\370\363\026\366\003\212\217
-\247\022\021\014\313\375\077\171\301\234\375\142\356\243\317\124
-\014\321\053\137\027\076\343\076\277\300\053\076\011\233\376\210
-\246\176\264\222\027\374\043\224\201\275\156\247\305\214\302\353
-\021\105\333\370\101\311\226\166\352\160\137\171\022\153\344\243
-\007\132\005\357\047\111\317\041\237\212\114\011\160\146\251\046
-\301\053\021\116\063\322\016\374\326\154\322\016\062\144\150\377
-\255\005\170\137\003\035\250\343\220\254\044\340\017\100\247\113
-\256\213\050\267\202\312\030\007\346\267\133\164\351\040\031\177
-\262\033\211\124
-END
-
-# Trust for Certificate "ApplicationCA - Japanese Government"
-# Issuer: OU=ApplicationCA,O=Japanese Government,C=JP
-# Serial Number: 49 (0x31)
-# Subject: OU=ApplicationCA,O=Japanese Government,C=JP
-# Not Valid Before: Wed Dec 12 15:00:00 2007
-# Not Valid After : Tue Dec 12 15:00:00 2017
-# Fingerprint (MD5): 7E:23:4E:5B:A7:A5:B4:25:E9:00:07:74:11:62:AE:D6
-# Fingerprint (SHA1): 7F:8A:B0:CF:D0:51:87:6A:66:F3:36:0F:47:C8:8D:8C:D3:35:FC:74
-CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "ApplicationCA - Japanese Government"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\177\212\260\317\320\121\207\152\146\363\066\017\107\310\215\214
-\323\065\374\164
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\176\043\116\133\247\245\264\045\351\000\007\164\021\142\256\326
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\103\061\013\060\011\006\003\125\004\006\023\002\112\120\061
-\034\060\032\006\003\125\004\012\023\023\112\141\160\141\156\145
-\163\145\040\107\157\166\145\162\156\155\145\156\164\061\026\060
-\024\006\003\125\004\013\023\015\101\160\160\154\151\143\141\164
-\151\157\156\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\061
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
-CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
-
-#
# Certificate "GeoTrust Primary Certification Authority - G3"
#
# Issuer: CN=GeoTrust Primary Certification Authority - G3,OU=(c) 2008 GeoTrust Inc. - For authorized use only,O=GeoTrust Inc.,C=US
# Serial Number:15:ac:6e:94:19:b2:79:4b:41:f6:27:a9:c3:18:0f:1f
# Subject: CN=GeoTrust Primary Certification Authority - G3,OU=(c) 2008 GeoTrust Inc. - For authorized use only,O=GeoTrust Inc.,C=US
# Not Valid Before: Wed Apr 02 00:00:00 2008
# Not Valid After : Tue Dec 01 23:59:59 2037
# Fingerprint (MD5): B5:E8:34:36:C9:10:44:58:48:70:6D:2E:83:D4:B8:05
@@ -10984,16 +10553,17 @@
\207\174\015\015\317\056\010\134\112\100\015\076\354\201\141\346
\044\333\312\340\016\055\007\262\076\126\334\215\365\101\205\007
\110\233\014\013\313\111\077\175\354\267\375\313\215\147\211\032
\253\355\273\036\243\000\010\010\027\052\202\134\061\135\106\212
\055\017\206\233\164\331\105\373\324\100\261\172\252\150\055\206
\262\231\042\341\301\053\307\234\370\363\137\250\202\022\353\031
\021\055
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "GeoTrust Primary Certification Authority - G3"
# Issuer: CN=GeoTrust Primary Certification Authority - G3,OU=(c) 2008 GeoTrust Inc. - For authorized use only,O=GeoTrust Inc.,C=US
# Serial Number:15:ac:6e:94:19:b2:79:4b:41:f6:27:a9:c3:18:0f:1f
# Subject: CN=GeoTrust Primary Certification Authority - G3,OU=(c) 2008 GeoTrust Inc. - For authorized use only,O=GeoTrust Inc.,C=US
# Not Valid Before: Wed Apr 02 00:00:00 2008
# Not Valid After : Tue Dec 01 23:59:59 2037
# Fingerprint (MD5): B5:E8:34:36:C9:10:44:58:48:70:6D:2E:83:D4:B8:05
@@ -11112,16 +10682,17 @@
\003\003\151\000\060\146\002\061\000\335\370\340\127\107\133\247
\346\012\303\275\365\200\212\227\065\015\033\211\074\124\206\167
\050\312\241\364\171\336\265\346\070\260\360\145\160\214\177\002
\124\302\277\377\330\241\076\331\317\002\061\000\304\215\224\374
\334\123\322\334\235\170\026\037\025\063\043\123\122\343\132\061
\135\235\312\256\275\023\051\104\015\047\133\250\347\150\234\022
\367\130\077\056\162\002\127\243\217\241\024\056
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "thawte Primary Root CA - G2"
# Issuer: CN=thawte Primary Root CA - G2,OU="(c) 2007 thawte, Inc. - For authorized use only",O="thawte, Inc.",C=US
# Serial Number:35:fc:26:5c:d9:84:4f:c9:3d:26:3d:57:9b:ae:d7:56
# Subject: CN=thawte Primary Root CA - G2,OU="(c) 2007 thawte, Inc. - For authorized use only",O="thawte, Inc.",C=US
# Not Valid Before: Mon Nov 05 00:00:00 2007
# Not Valid After : Mon Jan 18 23:59:59 2038
# Fingerprint (MD5): 74:9D:EA:60:24:C4:FD:22:53:3E:CC:3A:72:D9:29:4F
@@ -11271,16 +10842,17 @@
\051\101\221\042\074\151\247\273\002\362\266\134\047\003\211\364
\006\352\233\344\162\202\343\241\011\301\351\000\031\323\076\324
\160\153\272\161\246\252\130\256\364\273\351\154\266\357\207\314
\233\273\377\071\346\126\141\323\012\247\304\134\114\140\173\005
\167\046\172\277\330\007\122\054\142\367\160\143\331\071\274\157
\034\302\171\334\166\051\257\316\305\054\144\004\136\210\066\156
\061\324\100\032\142\064\066\077\065\001\256\254\143\240
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "thawte Primary Root CA - G3"
# Issuer: CN=thawte Primary Root CA - G3,OU="(c) 2008 thawte, Inc. - For authorized use only",OU=Certification Services Division,O="thawte, Inc.",C=US
# Serial Number:60:01:97:b7:46:a7:ea:b4:b4:9a:d6:4b:2f:f7:90:fb
# Subject: CN=thawte Primary Root CA - G3,OU="(c) 2008 thawte, Inc. - For authorized use only",OU=Certification Services Division,O="thawte, Inc.",C=US
# Not Valid Before: Wed Apr 02 00:00:00 2008
# Not Valid After : Tue Dec 01 23:59:59 2037
# Fingerprint (MD5): FB:1B:5D:43:8A:94:CD:44:C6:76:F2:43:4B:47:E7:31
@@ -11406,16 +10978,17 @@
\144\226\131\246\350\011\336\213\272\372\132\210\210\360\037\221
\323\106\250\362\112\114\002\143\373\154\137\070\333\056\101\223
\251\016\346\235\334\061\034\262\240\247\030\034\171\341\307\066
\002\060\072\126\257\232\164\154\366\373\203\340\063\323\010\137
\241\234\302\133\237\106\326\266\313\221\006\143\242\006\347\063
\254\076\250\201\022\320\313\272\320\222\013\266\236\226\252\004
\017\212
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "GeoTrust Primary Certification Authority - G2"
# Issuer: CN=GeoTrust Primary Certification Authority - G2,OU=(c) 2007 GeoTrust Inc. - For authorized use only,O=GeoTrust Inc.,C=US
# Serial Number:3c:b2:f4:48:0a:00:e2:fe:eb:24:3b:5e:60:3e:c3:6b
# Subject: CN=GeoTrust Primary Certification Authority - G2,OU=(c) 2007 GeoTrust Inc. - For authorized use only,O=GeoTrust Inc.,C=US
# Not Valid Before: Mon Nov 05 00:00:00 2007
# Not Valid After : Mon Jan 18 23:59:59 2038
# Fingerprint (MD5): 01:5E:D8:6B:BD:6F:3D:8E:A1:31:F8:12:E0:98:73:6A
@@ -11575,16 +11148,17 @@
\007\021\360\325\333\335\345\214\360\325\062\260\203\346\127\342
\217\277\276\241\252\277\075\035\265\324\070\352\327\260\134\072
\117\152\077\217\300\146\154\143\252\351\331\244\026\364\201\321
\225\024\016\175\315\225\064\331\322\217\160\163\201\173\234\176
\275\230\141\330\105\207\230\220\305\353\206\060\306\065\277\360
\377\303\125\210\203\113\357\005\222\006\161\362\270\230\223\267
\354\315\202\141\361\070\346\117\227\230\052\132\215
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "VeriSign Universal Root Certification Authority"
# Issuer: CN=VeriSign Universal Root Certification Authority,OU="(c) 2008 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
# Serial Number:40:1a:c4:64:21:b3:13:21:03:0e:bb:e4:12:1a:c5:1d
# Subject: CN=VeriSign Universal Root Certification Authority,OU="(c) 2008 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
# Not Valid Before: Wed Apr 02 00:00:00 2008
# Not Valid After : Tue Dec 01 23:59:59 2037
# Fingerprint (MD5): 8E:AD:B5:01:AA:4D:81:E4:8C:1D:D1:E1:14:00:95:19
@@ -11729,16 +11303,17 @@
\000\060\145\002\060\146\041\014\030\046\140\132\070\173\126\102
\340\247\374\066\204\121\221\040\054\166\115\103\075\304\035\204
\043\320\254\326\174\065\006\316\315\151\275\220\015\333\154\110
\102\035\016\252\102\002\061\000\234\075\110\071\043\071\130\032
\025\022\131\152\236\357\325\131\262\035\122\054\231\161\315\307
\051\337\033\052\141\173\161\321\336\363\300\345\015\072\112\252
\055\247\330\206\052\335\056\020
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "VeriSign Class 3 Public Primary Certification Authority - G4"
# Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G4,OU="(c) 2007 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
# Serial Number:2f:80:fe:23:8c:0e:22:0f:48:67:12:28:91:87:ac:b3
# Subject: CN=VeriSign Class 3 Public Primary Certification Authority - G4,OU="(c) 2007 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
# Not Valid Before: Mon Nov 05 00:00:00 2007
# Not Valid After : Mon Jan 18 23:59:59 2038
# Fingerprint (MD5): 3A:52:E1:E7:FD:6F:3A:E3:6F:F3:6F:99:1B:F9:22:41
@@ -11888,16 +11463,17 @@
\276\245\025\143\241\324\225\207\361\236\271\363\211\363\075\205
\270\270\333\276\265\271\051\371\332\067\005\000\111\224\003\204
\104\347\277\103\061\317\165\213\045\321\364\246\144\365\222\366
\253\005\353\075\351\245\013\066\142\332\314\006\137\066\213\266
\136\061\270\052\373\136\366\161\337\104\046\236\304\346\015\221
\264\056\165\225\200\121\152\113\060\246\260\142\241\223\361\233
\330\316\304\143\165\077\131\107\261
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "NetLock Arany (Class Gold) Főtanúsítvány"
# Issuer: CN=NetLock Arany (Class Gold) F..tan..s..tv..ny,OU=Tan..s..tv..nykiad..k (Certification Services),O=NetLock Kft.,L=Budapest,C=HU
# Serial Number:49:41:2c:e4:00:10
# Subject: CN=NetLock Arany (Class Gold) F..tan..s..tv..ny,OU=Tan..s..tv..nykiad..k (Certification Services),O=NetLock Kft.,L=Budapest,C=HU
# Not Valid Before: Thu Dec 11 15:08:21 2008
# Not Valid After : Wed Dec 06 15:08:21 2028
# Fingerprint (MD5): C5:A1:B7:FF:73:DD:D6:D7:34:32:18:DF:FC:3C:AD:88
@@ -12061,16 +11637,17 @@
\120\346\105\020\107\170\266\116\322\145\311\303\067\337\341\102
\143\260\127\067\105\055\173\212\234\277\005\352\145\125\063\367
\071\020\305\050\052\041\172\033\212\304\044\371\077\025\310\232
\025\040\365\125\142\226\355\155\223\120\274\344\252\170\255\331
\313\012\145\207\246\146\301\304\201\243\167\072\130\036\013\356
\203\213\235\036\322\122\244\314\035\157\260\230\155\224\061\265
\370\161\012\334\271\374\175\062\140\346\353\257\212\001
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Staat der Nederlanden Root CA - G2"
# Issuer: CN=Staat der Nederlanden Root CA - G2,O=Staat der Nederlanden,C=NL
# Serial Number: 10000012 (0x98968c)
# Subject: CN=Staat der Nederlanden Root CA - G2,O=Staat der Nederlanden,C=NL
# Not Valid Before: Wed Mar 26 11:18:17 2008
# Not Valid After : Wed Mar 25 11:03:10 2020
# Fingerprint (MD5): 7C:A5:0F:F8:5B:9A:7D:6D:30:AE:54:5A:E3:42:A2:8A
@@ -12186,16 +11763,17 @@
\022\024\344\141\215\254\020\220\236\204\120\273\360\226\157\105
\237\212\363\312\154\117\372\021\072\025\025\106\303\315\037\203
\133\055\101\022\355\120\147\101\023\075\041\253\224\212\252\116
\174\301\261\373\247\326\265\047\057\227\253\156\340\035\342\321
\034\054\037\104\342\374\276\221\241\234\373\326\051\123\163\206
\237\123\330\103\016\135\326\143\202\161\035\200\164\312\366\342
\002\153\331\132
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Hongkong Post Root CA 1"
# Issuer: CN=Hongkong Post Root CA 1,O=Hongkong Post,C=HK
# Serial Number: 1000 (0x3e8)
# Subject: CN=Hongkong Post Root CA 1,O=Hongkong Post,C=HK
# Not Valid Before: Thu May 15 05:13:14 2003
# Not Valid After : Mon May 15 04:52:29 2023
# Fingerprint (MD5): A8:0D:6F:39:78:B9:43:6D:77:42:6D:98:5A:CC:23:CA
@@ -12316,16 +11894,17 @@
\143\173\132\151\226\002\041\250\275\122\131\351\175\065\313\310
\122\312\177\201\376\331\153\323\367\021\355\045\337\370\347\371
\244\372\162\227\204\123\015\245\320\062\030\121\166\131\024\154
\017\353\354\137\200\214\165\103\203\303\205\230\377\114\236\055
\015\344\167\203\223\116\265\226\007\213\050\023\233\214\031\215
\101\047\111\100\356\336\346\043\104\071\334\241\042\326\272\003
\362
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "SecureSign RootCA11"
# Issuer: CN=SecureSign RootCA11,O="Japan Certification Services, Inc.",C=JP
# Serial Number: 1 (0x1)
# Subject: CN=SecureSign RootCA11,O="Japan Certification Services, Inc.",C=JP
# Not Valid Before: Wed Apr 08 04:56:47 2009
# Not Valid After : Sun Apr 08 04:56:47 2029
# Fingerprint (MD5): B7:52:74:E2:92:B4:80:93:F2:75:E4:CC:D7:F2:EA:26
@@ -12481,16 +12060,17 @@
\307\202\066\076\247\070\143\251\060\054\027\020\140\222\237\125
\207\022\131\020\302\017\147\151\021\314\116\036\176\112\232\255
\257\100\250\165\254\126\220\164\270\240\234\245\171\157\334\351
\032\310\151\005\351\272\372\003\263\174\344\340\116\302\316\235
\350\266\106\015\156\176\127\072\147\224\302\313\037\234\167\112
\147\116\151\206\103\223\070\373\266\333\117\203\221\324\140\176
\113\076\053\070\007\125\230\136\244
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "ACEDICOM Root"
# Issuer: C=ES,O=EDICOM,OU=PKI,CN=ACEDICOM Root
# Serial Number:61:8d:c7:86:3b:01:82:05
# Subject: C=ES,O=EDICOM,OU=PKI,CN=ACEDICOM Root
# Not Valid Before: Fri Apr 18 16:24:22 2008
# Not Valid After : Thu Apr 13 16:24:22 2028
# Fingerprint (MD5): 42:81:A0:E2:1C:E3:55:10:DE:55:89:42:65:96:22:E6
@@ -12627,16 +12207,17 @@
\255\234\032\303\004\074\355\002\141\326\036\006\363\137\072\207
\362\053\361\105\207\345\075\254\321\307\127\204\275\153\256\334
\330\371\266\033\142\160\013\075\066\311\102\362\062\327\172\141
\346\322\333\075\317\310\251\311\233\334\333\130\104\327\157\070
\257\177\170\323\243\255\032\165\272\034\301\066\174\217\036\155
\034\303\165\106\256\065\005\246\366\134\075\041\356\126\360\311
\202\042\055\172\124\253\160\303\175\042\145\202\160\226
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Microsec e-Szigno Root CA 2009"
# Issuer: E=info@e-szigno.hu,CN=Microsec e-Szigno Root CA 2009,O=Microsec Ltd.,L=Budapest,C=HU
# Serial Number:00:c2:7e:43:04:4e:47:3f:19
# Subject: E=info@e-szigno.hu,CN=Microsec e-Szigno Root CA 2009,O=Microsec Ltd.,L=Budapest,C=HU
# Not Valid Before: Tue Jun 16 11:30:18 2009
# Not Valid After : Sun Dec 30 11:30:18 2029
# Fingerprint (MD5): F8:49:F4:03:BC:44:2D:83:BE:48:69:7D:29:64:FC:B1
@@ -12758,16 +12339,17 @@
\231\302\037\172\016\343\055\010\255\012\034\054\377\074\253\125
\016\017\221\176\066\353\303\127\111\276\341\056\055\174\140\213
\303\101\121\023\043\235\316\367\062\153\224\001\250\231\347\054
\063\037\072\073\045\322\206\100\316\073\054\206\170\311\141\057
\024\272\356\333\125\157\337\204\356\005\011\115\275\050\330\162
\316\323\142\120\145\036\353\222\227\203\061\331\263\265\312\107
\130\077\137
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "GlobalSign Root CA - R3"
# Issuer: CN=GlobalSign,O=GlobalSign,OU=GlobalSign Root CA - R3
# Serial Number:04:00:00:00:00:01:21:58:53:08:a2
# Subject: CN=GlobalSign,O=GlobalSign,OU=GlobalSign Root CA - R3
# Not Valid Before: Wed Mar 18 10:00:00 2009
# Not Valid After : Sun Mar 18 10:00:00 2029
# Fingerprint (MD5): C5:DF:B8:49:CA:05:13:55:EE:2D:BA:1A:C3:3E:B0:28
@@ -12930,16 +12512,17 @@
\330\153\044\254\227\130\104\107\255\131\030\361\041\145\160\336
\316\064\140\250\100\361\363\074\244\303\050\043\214\376\047\063
\103\100\240\027\074\353\352\073\260\162\246\243\271\112\113\136
\026\110\364\262\274\310\214\222\305\235\237\254\162\066\274\064
\200\064\153\251\213\222\300\270\027\355\354\166\123\365\044\001
\214\263\042\350\113\174\125\306\235\372\243\024\273\145\205\156
\156\117\022\176\012\074\235\225
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068"
# Issuer: CN=Autoridad de Certificacion Firmaprofesional CIF A62634068,C=ES
# Serial Number:53:ec:3b:ee:fb:b2:48:5f
# Subject: CN=Autoridad de Certificacion Firmaprofesional CIF A62634068,C=ES
# Not Valid Before: Wed May 20 08:38:15 2009
# Not Valid After : Tue Dec 31 08:38:15 2030
# Fingerprint (MD5): 73:3A:74:7A:EC:BB:A3:96:A6:C2:E4:E2:C8:9B:C0:C3
@@ -13098,16 +12681,17 @@
\150\103\110\262\333\353\163\044\347\221\177\124\244\266\200\076
\235\243\074\114\162\302\127\304\240\324\314\070\047\316\325\006
\236\242\110\331\351\237\316\202\160\066\223\232\073\337\226\041
\343\131\267\014\332\221\067\360\375\131\132\263\231\310\151\154
\103\046\001\065\143\140\125\211\003\072\165\330\272\112\331\124
\377\356\336\200\330\055\321\070\325\136\055\013\230\175\076\154
\333\374\046\210\307
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Izenpe.com"
# Issuer: CN=Izenpe.com,O=IZENPE S.A.,C=ES
# Serial Number:00:b0:b7:5a:16:48:5f:bf:e1:cb:f5:8b:d7:19:e6:7d
# Subject: CN=Izenpe.com,O=IZENPE S.A.,C=ES
# Not Valid Before: Thu Dec 13 13:08:28 2007
# Not Valid After : Sun Dec 13 08:27:25 2037
# Fingerprint (MD5): A6:B0:CD:85:80:DA:5C:50:34:A3:39:90:2F:55:67:73
@@ -13302,16 +12886,17 @@
\176\030\230\265\105\073\366\171\264\350\367\032\173\006\203\373
\320\213\332\273\307\275\030\253\010\157\074\200\153\100\077\031
\031\272\145\212\346\276\325\134\323\066\327\357\100\122\044\140
\070\147\004\061\354\217\363\202\306\336\271\125\363\073\061\221
\132\334\265\010\025\255\166\045\012\015\173\056\207\342\014\246
\006\274\046\020\155\067\235\354\335\170\214\174\200\305\360\331
\167\110\320
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Chambers of Commerce Root - 2008"
# Issuer: CN=Chambers of Commerce Root - 2008,O=AC Camerfirma S.A.,serialNumber=A82743287,L=Madrid (see current address at www.camerfirma.com/address),C=EU
# Serial Number:00:a3:da:42:7e:a4:b1:ae:da
# Subject: CN=Chambers of Commerce Root - 2008,O=AC Camerfirma S.A.,serialNumber=A82743287,L=Madrid (see current address at www.camerfirma.com/address),C=EU
# Not Valid Before: Fri Aug 01 12:29:50 2008
# Not Valid After : Sat Jul 31 12:29:50 2038
# Fingerprint (MD5): 5E:80:9E:84:5A:0E:65:0B:17:02:F3:55:18:2A:3E:D7
@@ -13510,16 +13095,17 @@
\223\256\231\240\357\045\152\163\230\211\133\072\056\023\210\036
\277\300\222\224\064\033\343\047\267\213\036\157\102\377\347\351
\067\233\120\035\055\242\371\002\356\313\130\130\072\161\274\150
\343\252\301\257\034\050\037\242\334\043\145\077\201\352\256\231
\323\330\060\317\023\015\117\025\311\204\274\247\110\055\370\060
\043\167\330\106\113\171\155\366\214\355\072\177\140\021\170\364
\351\233\256\325\124\300\164\200\321\013\102\237\301
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Global Chambersign Root - 2008"
# Issuer: CN=Global Chambersign Root - 2008,O=AC Camerfirma S.A.,serialNumber=A82743287,L=Madrid (see current address at www.camerfirma.com/address),C=EU
# Serial Number:00:c9:cd:d3:e9:d5:7d:23:ce
# Subject: CN=Global Chambersign Root - 2008,O=AC Camerfirma S.A.,serialNumber=A82743287,L=Madrid (see current address at www.camerfirma.com/address),C=EU
# Not Valid Before: Fri Aug 01 12:31:40 2008
# Not Valid After : Sat Jul 31 12:31:40 2038
# Fingerprint (MD5): 9E:80:FF:78:01:0C:2E:C1:36:BD:FE:96:90:6E:08:F3
@@ -15376,16 +14962,17 @@
\330\144\363\054\176\024\374\002\352\237\315\377\007\150\027\333
\042\220\070\055\172\215\321\124\361\151\343\137\063\312\172\075
\173\012\343\312\177\137\071\345\342\165\272\305\166\030\063\316
\054\360\057\114\255\367\261\347\316\117\250\304\233\112\124\006
\305\177\175\325\010\017\342\034\376\176\027\270\254\136\366\324
\026\262\103\011\014\115\366\247\153\264\231\204\145\312\172\210
\342\342\104\276\134\367\352\034\365
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Go Daddy Root Certificate Authority - G2"
# Issuer: CN=Go Daddy Root Certificate Authority - G2,O="GoDaddy.com, Inc.",L=Scottsdale,ST=Arizona,C=US
# Serial Number: 0 (0x0)
# Subject: CN=Go Daddy Root Certificate Authority - G2,O="GoDaddy.com, Inc.",L=Scottsdale,ST=Arizona,C=US
# Not Valid Before: Tue Sep 01 00:00:00 2009
# Not Valid After : Thu Dec 31 23:59:59 2037
# Fingerprint (MD5): 80:3A:BC:22:C1:E6:FB:8D:9B:3B:27:4A:32:1B:9A:01
@@ -15525,16 +15112,17 @@
\037\305\354\372\234\176\317\176\261\361\007\055\266\374\277\312
\244\277\320\227\005\112\274\352\030\050\002\220\275\124\170\011
\041\161\323\321\175\035\331\026\260\251\141\075\320\012\000\042
\374\307\173\313\011\144\105\013\073\100\201\367\175\174\062\365
\230\312\130\216\175\052\356\220\131\163\144\371\066\164\136\045
\241\365\146\005\056\177\071\025\251\052\373\120\213\216\205\151
\364
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Starfield Root Certificate Authority - G2"
# Issuer: CN=Starfield Root Certificate Authority - G2,O="Starfield Technologies, Inc.",L=Scottsdale,ST=Arizona,C=US
# Serial Number: 0 (0x0)
# Subject: CN=Starfield Root Certificate Authority - G2,O="Starfield Technologies, Inc.",L=Scottsdale,ST=Arizona,C=US
# Not Valid Before: Tue Sep 01 00:00:00 2009
# Not Valid After : Thu Dec 31 23:59:59 2037
# Fingerprint (MD5): D6:39:81:C6:52:7E:96:69:FC:FC:CA:66:ED:05:F2:96
@@ -15676,16 +15264,17 @@
\210\100\317\175\106\035\377\036\307\341\316\377\043\333\306\372
\215\125\116\251\002\347\107\021\106\076\364\375\275\173\051\046
\273\251\141\142\067\050\266\055\052\366\020\206\144\311\160\247
\322\255\267\051\160\171\352\074\332\143\045\237\375\150\267\060
\354\160\373\165\212\267\155\140\147\262\036\310\271\351\330\250
\157\002\213\147\015\115\046\127\161\332\040\374\301\112\120\215
\261\050\272
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Starfield Services Root Certificate Authority - G2"
# Issuer: CN=Starfield Services Root Certificate Authority - G2,O="Starfield Technologies, Inc.",L=Scottsdale,ST=Arizona,C=US
# Serial Number: 0 (0x0)
# Subject: CN=Starfield Services Root Certificate Authority - G2,O="Starfield Technologies, Inc.",L=Scottsdale,ST=Arizona,C=US
# Not Valid Before: Tue Sep 01 00:00:00 2009
# Not Valid After : Thu Dec 31 23:59:59 2037
# Fingerprint (MD5): 17:35:74:AF:7B:61:1C:EB:F4:F9:3C:E2:EE:40:F9:A2
@@ -15806,16 +15395,17 @@
\265\063\252\262\157\323\012\242\120\343\366\073\350\056\104\302
\333\146\070\251\063\126\110\361\155\033\063\215\015\214\077\140
\067\235\323\312\155\176\064\176\015\237\162\166\213\033\237\162
\375\122\065\101\105\002\226\057\034\262\232\163\111\041\261\111
\107\105\107\264\357\152\064\021\311\115\232\314\131\267\326\002
\236\132\116\145\265\224\256\033\337\051\260\026\361\277\000\236
\007\072\027\144\265\004\265\043\041\231\012\225\073\227\174\357
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "AffirmTrust Commercial"
# Issuer: CN=AffirmTrust Commercial,O=AffirmTrust,C=US
# Serial Number:77:77:06:27:26:a9:b1:7c
# Subject: CN=AffirmTrust Commercial,O=AffirmTrust,C=US
# Not Valid Before: Fri Jan 29 14:06:06 2010
# Not Valid After : Tue Dec 31 14:06:06 2030
# Fingerprint (MD5): 82:92:BA:5B:EF:CD:8A:6F:A6:3D:55:F9:84:F6:D6:B7
@@ -15931,16 +15521,17 @@
\115\207\165\155\267\130\226\132\335\155\322\000\240\364\233\110
\276\303\067\244\272\066\340\174\207\205\227\032\025\242\336\056
\242\133\275\257\030\371\220\120\315\160\131\370\047\147\107\313
\307\240\007\072\175\321\054\135\154\031\072\146\265\175\375\221
\157\202\261\276\010\223\333\024\107\361\242\067\307\105\236\074
\307\167\257\144\250\223\337\366\151\203\202\140\362\111\102\064
\355\132\000\124\205\034\026\066\222\014\134\372\246\255\277\333
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "AffirmTrust Networking"
# Issuer: CN=AffirmTrust Networking,O=AffirmTrust,C=US
# Serial Number:7c:4f:04:39:1c:d4:99:2d
# Subject: CN=AffirmTrust Networking,O=AffirmTrust,C=US
# Not Valid Before: Fri Jan 29 14:08:24 2010
# Not Valid After : Tue Dec 31 14:08:24 2030
# Fingerprint (MD5): 42:65:CA:BE:01:9A:9A:4C:A9:8C:41:49:CD:C0:D5:7F
@@ -16088,16 +15679,17 @@
\030\246\265\250\136\264\203\154\153\151\100\323\237\334\361\303
\151\153\271\341\155\011\364\361\252\120\166\012\172\175\172\027
\241\125\226\102\231\061\011\335\140\021\215\005\060\176\346\216
\106\321\235\024\332\307\027\344\005\226\214\304\044\265\033\317
\024\007\262\100\370\243\236\101\206\274\004\320\153\226\310\052
\200\064\375\277\357\006\243\335\130\305\205\075\076\217\376\236
\051\340\266\270\011\150\031\034\030\103
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "AffirmTrust Premium"
# Issuer: CN=AffirmTrust Premium,O=AffirmTrust,C=US
# Serial Number:6d:8c:14:46:b1:a6:0a:ee
# Subject: CN=AffirmTrust Premium,O=AffirmTrust,C=US
# Not Valid Before: Fri Jan 29 14:10:36 2010
# Not Valid After : Mon Dec 31 14:10:36 2040
# Fingerprint (MD5): C4:5D:0E:48:B6:AC:28:30:4E:0A:BC:F9:38:16:87:57
@@ -16193,16 +15785,17 @@
\027\011\363\207\210\120\132\257\310\300\102\277\107\137\365\154
\152\206\340\304\047\164\344\070\123\327\005\177\033\064\343\306
\057\263\312\011\074\067\235\327\347\270\106\361\375\241\342\161
\002\060\102\131\207\103\324\121\337\272\323\011\062\132\316\210
\176\127\075\234\137\102\153\365\007\055\265\360\202\223\371\131
\157\256\144\372\130\345\213\036\343\143\276\265\201\315\157\002
\214\171
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "AffirmTrust Premium ECC"
# Issuer: CN=AffirmTrust Premium ECC,O=AffirmTrust,C=US
# Serial Number:74:97:25:8a:c7:3f:7a:54
# Subject: CN=AffirmTrust Premium ECC,O=AffirmTrust,C=US
# Not Valid Before: Fri Jan 29 14:20:24 2010
# Not Valid After : Mon Dec 31 14:20:24 2040
# Fingerprint (MD5): 64:B0:09:55:CF:B1:D5:99:E2:BE:13:AB:A6:5D:EA:4D
@@ -16331,16 +15924,17 @@
\227\306\166\350\047\226\243\146\335\341\256\362\101\133\312\230
\126\203\163\160\344\206\032\322\061\101\272\057\276\055\023\132
\166\157\116\350\116\201\016\077\133\003\042\240\022\276\146\130
\021\112\313\003\304\264\052\052\055\226\027\340\071\124\274\110
\323\166\047\235\232\055\006\246\311\354\071\322\253\333\237\232
\013\047\002\065\051\261\100\225\347\371\350\234\125\210\031\106
\326\267\064\365\176\316\071\232\331\070\361\121\367\117\054
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Certum Trusted Network CA"
# Issuer: CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL
# Serial Number: 279744 (0x444c0)
# Subject: CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL
# Not Valid Before: Wed Oct 22 12:07:37 2008
# Not Valid After : Mon Dec 31 12:07:37 2029
# Fingerprint (MD5): D5:E9:81:40:C5:18:69:FC:46:2C:89:75:62:0F:AA:78
@@ -16500,16 +16094,17 @@
\032\050\364\041\003\356\056\331\301\200\352\271\331\202\326\133
\166\302\313\073\265\322\000\360\243\016\341\255\156\100\367\333
\240\264\320\106\256\025\327\104\302\115\065\371\322\013\362\027
\366\254\146\325\044\262\117\321\034\231\300\156\365\175\353\164
\004\270\371\115\167\011\327\264\317\007\060\011\361\270\000\126
\331\027\026\026\012\053\206\337\217\001\031\032\345\273\202\143
\377\276\013\166\026\136\067\067\346\330\164\227\242\231\105\171
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Certinomis - Autorité Racine"
# Issuer: CN=Certinomis - Autorit.. Racine,OU=0002 433998903,O=Certinomis,C=FR
# Serial Number: 1 (0x1)
# Subject: CN=Certinomis - Autorit.. Racine,OU=0002 433998903,O=Certinomis,C=FR
# Not Valid Before: Wed Sep 17 08:28:59 2008
# Not Valid After : Sun Sep 17 08:28:59 2028
# Fingerprint (MD5): 7F:30:78:8C:03:E3:CA:C9:0A:E2:C9:EA:1E:AA:55:1A
@@ -16634,16 +16229,17 @@
\172\162\132\203\263\171\157\357\264\374\320\012\245\130\117\106
\337\373\155\171\131\362\204\042\122\256\017\314\373\174\073\347
\152\312\107\141\303\172\370\323\222\004\037\270\040\204\341\066
\124\026\307\100\336\073\212\163\334\337\306\011\114\337\354\332
\377\324\123\102\241\311\362\142\035\042\203\074\227\305\371\031
\142\047\254\145\042\327\323\074\306\345\216\262\123\314\111\316
\274\060\376\173\016\063\220\373\355\322\024\221\037\007\257
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "TWCA Root Certification Authority"
# Issuer: CN=TWCA Root Certification Authority,OU=Root CA,O=TAIWAN-CA,C=TW
# Serial Number: 1 (0x1)
# Subject: CN=TWCA Root Certification Authority,OU=Root CA,O=TAIWAN-CA,C=TW
# Not Valid Before: Thu Aug 28 07:24:33 2008
# Not Valid After : Tue Dec 31 15:59:59 2030
# Fingerprint (MD5): AA:08:8F:F6:F9:7B:B7:F2:B1:A7:1E:9B:EA:EA:BD:79
@@ -18024,16 +17620,17 @@
\273\233\051\126\074\376\000\067\317\043\154\361\116\252\266\164
\106\022\154\221\356\064\325\354\232\221\347\104\276\220\061\162
\325\111\002\366\002\345\364\037\353\174\331\226\125\251\377\354
\212\371\231\107\377\065\132\002\252\004\313\212\133\207\161\051
\221\275\244\264\172\015\275\232\365\127\043\000\007\041\027\077
\112\071\321\005\111\013\247\266\067\201\245\135\214\252\063\136
\201\050\174\247\175\047\353\000\256\215\067
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Security Communication RootCA2"
# Issuer: OU=Security Communication RootCA2,O="SECOM Trust Systems CO.,LTD.",C=JP
# Serial Number: 0 (0x0)
# Subject: OU=Security Communication RootCA2,O="SECOM Trust Systems CO.,LTD.",C=JP
# Not Valid Before: Fri May 29 05:00:39 2009
# Not Valid After : Tue May 29 05:00:39 2029
# Fingerprint (MD5): 6C:39:7D:A4:0E:55:59:B2:3F:D6:41:B1:12:50:DE:43
@@ -18206,16 +17803,17 @@
\234\211\333\151\070\276\354\134\016\126\307\145\121\345\120\210
\210\277\102\325\053\075\345\371\272\236\056\263\312\364\163\222
\002\013\276\114\146\353\040\376\271\313\265\231\177\346\266\023
\372\312\113\115\331\356\123\106\006\073\306\116\255\223\132\201
\176\154\052\113\152\005\105\214\362\041\244\061\220\207\154\145
\234\235\245\140\225\072\122\177\365\321\253\010\156\363\356\133
\371\210\075\176\270\157\156\003\344\102
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "EC-ACC"
# Issuer: CN=EC-ACC,OU=Jerarquia Entitats de Certificacio Catalanes,OU=Vegeu https://www.catcert.net/verarrel (c)03,OU=Serveis Publics de Certificacio,O=Agencia Catalana de Certificacio (NIF Q-0801176-I),C=ES
# Serial Number:ee:2b:3d:eb:d4:21:de:14:a8:62:ac:04:f3:dd:c4:01
# Subject: CN=EC-ACC,OU=Jerarquia Entitats de Certificacio Catalanes,OU=Vegeu https://www.catcert.net/verarrel (c)03,OU=Serveis Publics de Certificacio,O=Agencia Catalana de Certificacio (NIF Q-0801176-I),C=ES
# Not Valid Before: Tue Jan 07 23:00:00 2003
# Not Valid After : Tue Jan 07 22:59:59 2031
# Fingerprint (MD5): EB:F5:9D:29:0D:61:F9:42:1F:7C:C2:BA:6D:E3:15:09
@@ -18368,16 +17966,17 @@
\372\363\003\022\226\170\006\215\261\147\355\216\077\276\237\117
\002\365\263\011\057\363\114\207\337\052\313\225\174\001\314\254
\066\172\277\242\163\172\367\217\301\265\232\241\024\262\217\063
\237\015\357\042\334\146\173\204\275\105\027\006\075\074\312\271
\167\064\217\312\352\317\077\061\076\343\210\343\200\111\045\310
\227\265\235\232\231\115\260\074\370\112\000\233\144\335\237\071
\113\321\047\327\270
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for Certificate "Hellenic Academic and Research Institutions RootCA 2011"
# Issuer: CN=Hellenic Academic and Research Institutions RootCA 2011,O=Hellenic Academic and Research Institutions Cert. Authority,C=GR
# Serial Number: 0 (0x0)
# Subject: CN=Hellenic Academic and Research Institutions RootCA 2011,O=Hellenic Academic and Research Institutions Cert. Authority,C=GR
# Not Valid Before: Tue Dec 06 13:49:52 2011
# Not Valid After : Mon Dec 01 13:49:52 2031
# Fingerprint (MD5): 73:9F:4C:4B:73:5B:79:E9:FA:BA:1C:EF:6E:CB:D5:C9
@@ -18603,16 +18202,17 @@
\177\244\101\041\220\101\167\246\071\037\352\236\343\237\320\146
\157\005\354\252\166\176\277\153\026\240\353\265\307\374\222\124
\057\053\021\047\045\067\170\114\121\152\260\363\314\130\135\024
\361\152\110\025\377\302\007\266\261\215\017\216\134\120\106\263
\075\277\001\230\117\262\131\124\107\076\064\173\170\155\126\223
\056\163\352\146\050\170\315\035\024\277\240\217\057\056\270\056
\216\362\024\212\314\351\265\174\373\154\235\014\245\341\226
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "Actalis Authentication Root CA"
# Issuer: CN=Actalis Authentication Root CA,O=Actalis S.p.A./03358520967,L=Milan,C=IT
# Serial Number:57:0a:11:97:42:c4:e3:cc
# Subject: CN=Actalis Authentication Root CA,O=Actalis S.p.A./03358520967,L=Milan,C=IT
# Not Valid Before: Thu Sep 22 11:22:02 2011
# Not Valid After : Sun Sep 22 11:22:02 2030
# Fingerprint (MD5): 69:C1:0D:4F:07:A3:1B:C3:FE:56:3D:04:BC:11:F6:A6
@@ -18733,16 +18333,17 @@
\177\124\365\243\340\217\360\174\125\042\217\051\266\201\243\341
\155\116\054\033\200\147\354\255\040\237\014\142\141\325\227\377
\103\355\055\301\332\135\051\052\205\077\254\145\356\206\017\005
\215\220\137\337\356\237\364\277\356\035\373\230\344\177\220\053
\204\170\020\016\154\111\123\357\025\133\145\106\112\135\257\272
\373\072\162\035\315\366\045\210\036\227\314\041\234\051\001\015
\145\353\127\331\363\127\226\273\110\315\201
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "Trustis FPS Root CA"
# Issuer: OU=Trustis FPS Root CA,O=Trustis Limited,C=GB
# Serial Number:1b:1f:ad:b6:20:f9:24:d3:36:6b:f7:c7:f1:8c:a0:59
# Subject: OU=Trustis FPS Root CA,O=Trustis Limited,C=GB
# Not Valid Before: Tue Dec 23 12:14:06 2003
# Not Valid After : Sun Jan 21 11:36:54 2024
# Fingerprint (MD5): 30:C9:E7:1E:6B:E6:14:EB:65:B2:16:69:20:31:67:4D
@@ -18933,16 +18534,17 @@
\046\161\304\205\136\161\044\312\245\033\154\330\141\323\032\340
\124\333\316\272\251\062\265\042\366\163\101\011\135\270\027\135
\016\017\231\220\326\107\332\157\012\072\142\050\024\147\202\331
\361\320\200\131\233\313\061\330\233\017\214\167\116\265\150\212
\362\154\366\044\016\055\154\160\305\163\321\336\024\320\161\217
\266\323\173\002\366\343\270\324\011\156\153\236\165\204\071\346
\177\045\245\362\110\000\300\244\001\332\077
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "StartCom Certification Authority"
# Issuer: CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL
# Serial Number: 45 (0x2d)
# Subject: CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL
# Not Valid Before: Sun Sep 17 19:46:37 2006
# Not Valid After : Wed Sep 17 19:46:36 2036
# Fingerprint (MD5): C9:3B:0D:84:41:FC:A4:76:79:23:08:57:DE:10:19:16
@@ -19097,16 +18699,17 @@
\102\056\055\304\011\072\003\147\151\204\232\341\131\220\212\050
\205\325\135\164\261\321\016\040\130\233\023\245\260\143\246\355
\173\107\375\105\125\060\244\356\232\324\346\342\207\357\230\311
\062\202\021\051\042\274\000\012\061\136\055\017\300\216\351\153
\262\217\056\006\330\321\221\307\306\022\364\114\375\060\027\303
\301\332\070\133\343\251\352\346\241\272\171\357\163\330\266\123
\127\055\366\320\341\327\110
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "StartCom Certification Authority G2"
# Issuer: CN=StartCom Certification Authority G2,O=StartCom Ltd.,C=IL
# Serial Number: 59 (0x3b)
# Subject: CN=StartCom Certification Authority G2,O=StartCom Ltd.,C=IL
# Not Valid Before: Fri Jan 01 01:00:01 2010
# Not Valid After : Sat Dec 31 23:59:01 2039
# Fingerprint (MD5): 78:4B:FB:9E:64:82:0A:D3:B8:4C:62:F3:64:F2:90:64
@@ -19256,16 +18859,17 @@
\112\220\136\303\372\047\004\261\171\025\164\231\314\276\255\040
\336\046\140\034\353\126\121\246\243\352\344\243\077\247\377\141
\334\361\132\115\154\062\043\103\356\254\250\356\356\112\022\011
\074\135\161\302\276\171\372\302\207\150\035\013\375\134\151\314
\006\320\232\175\124\231\052\311\071\032\031\257\113\052\103\363
\143\135\132\130\342\057\343\035\344\251\326\320\012\320\236\277
\327\201\011\361\311\307\046\015\254\230\026\126\240
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "Buypass Class 2 Root CA"
# Issuer: CN=Buypass Class 2 Root CA,O=Buypass AS-983163327,C=NO
# Serial Number: 2 (0x2)
# Subject: CN=Buypass Class 2 Root CA,O=Buypass AS-983163327,C=NO
# Not Valid Before: Tue Oct 26 08:38:03 2010
# Not Valid After : Fri Oct 26 08:38:03 2040
# Fingerprint (MD5): 46:A7:D2:FE:45:FB:64:5A:A8:59:90:9B:78:44:9B:29
@@ -19414,16 +19018,17 @@
\105\310\114\161\331\274\311\231\122\127\106\057\120\317\275\065
\151\364\075\025\316\006\245\054\017\076\366\201\272\224\273\303
\273\277\145\170\322\206\171\377\111\073\032\203\014\360\336\170
\354\310\362\115\114\032\336\202\051\370\301\132\332\355\356\346
\047\136\350\105\320\235\034\121\250\150\253\104\343\320\213\152
\343\370\073\273\334\115\327\144\362\121\276\346\252\253\132\351
\061\356\006\274\163\277\023\142\012\237\307\271\227
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "Buypass Class 3 Root CA"
# Issuer: CN=Buypass Class 3 Root CA,O=Buypass AS-983163327,C=NO
# Serial Number: 2 (0x2)
# Subject: CN=Buypass Class 3 Root CA,O=Buypass AS-983163327,C=NO
# Not Valid Before: Tue Oct 26 08:28:58 2010
# Not Valid After : Fri Oct 26 08:28:58 2040
# Fingerprint (MD5): 3D:3B:18:9E:2C:64:5A:E8:D5:88:CE:0E:F9:37:C2:EC
@@ -19555,16 +19160,17 @@
\367\124\076\201\075\332\111\152\232\263\357\020\075\346\353\157
\321\310\042\107\313\314\317\001\061\222\331\030\343\042\276\011
\036\032\076\132\262\344\153\014\124\172\175\103\116\270\211\245
\173\327\242\075\226\206\314\362\046\064\055\152\222\235\232\032
\320\060\342\135\116\004\260\137\213\040\176\167\301\075\225\202
\321\106\232\073\074\170\270\157\241\320\015\144\242\170\036\051
\116\223\303\244\124\024\133
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "T-TeleSec GlobalRoot Class 3"
# Issuer: CN=T-TeleSec GlobalRoot Class 3,OU=T-Systems Trust Center,O=T-Systems Enterprise Services GmbH,C=DE
# Serial Number: 1 (0x1)
# Subject: CN=T-TeleSec GlobalRoot Class 3,OU=T-Systems Trust Center,O=T-Systems Enterprise Services GmbH,C=DE
# Not Valid Before: Wed Oct 01 10:29:56 2008
# Not Valid After : Sat Oct 01 23:59:59 2033
# Fingerprint (MD5): CA:FB:40:A8:4E:39:92:8A:1D:FE:8E:2F:C4:27:EA:EF
@@ -19703,16 +19309,17 @@
\346\164\163\224\135\026\230\023\225\376\373\333\261\104\345\072
\160\254\067\153\346\263\063\162\050\311\263\127\240\366\002\026
\210\006\013\266\246\113\040\050\324\336\075\213\255\067\005\123
\164\376\156\314\274\103\027\161\136\371\305\314\032\251\141\356
\367\166\014\363\162\364\162\255\317\162\002\066\007\107\317\357
\031\120\211\140\314\351\044\225\017\302\313\035\362\157\166\220
\307\314\165\301\226\305\235
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "EE Certification Centre Root CA"
# Issuer: E=pki@sk.ee,CN=EE Certification Centre Root CA,O=AS Sertifitseerimiskeskus,C=EE
# Serial Number:54:80:f9:a0:73:ed:3f:00:4c:ca:89:d8:e3:71:e6:4a
# Subject: E=pki@sk.ee,CN=EE Certification Centre Root CA,O=AS Sertifitseerimiskeskus,C=EE
# Not Valid Before: Sat Oct 30 10:10:30 2010
# Not Valid After : Tue Dec 17 23:59:59 2030
# Fingerprint (MD5): 43:5E:88:D4:7D:1A:4A:7E:FD:84:2E:52:EB:01:D4:6F
@@ -19932,16 +19539,17 @@
\005\332\143\127\213\345\263\252\333\300\056\034\220\104\333\032
\135\030\244\356\276\004\133\231\325\161\137\125\145\144\142\325
\242\233\004\131\206\310\142\167\347\174\202\105\152\075\027\277
\354\235\165\014\256\243\157\132\323\057\230\066\364\360\365\031
\253\021\135\310\246\343\052\130\152\102\011\303\275\222\046\146
\062\015\135\010\125\164\377\214\230\320\012\246\204\152\321\071
\175
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "TURKTRUST Certificate Services Provider Root 2007"
# Issuer: O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A...,L=Ankara,C=TR,CN=T..RKTRUST Elektronik Sertifika Hizmet Sa..lay..c..s..
# Serial Number: 1 (0x1)
# Subject: O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A...,L=Ankara,C=TR,CN=T..RKTRUST Elektronik Sertifika Hizmet Sa..lay..c..s..
# Not Valid Before: Tue Dec 25 18:37:19 2007
# Not Valid After : Fri Dec 22 18:37:19 2017
# Fingerprint (MD5): 2B:70:20:56:86:82:A0:18:C8:07:53:12:28:70:21:72
@@ -20080,16 +19688,17 @@
\310\154\353\202\123\004\246\344\114\042\115\215\214\272\316\133
\163\354\144\124\120\155\321\234\125\373\151\303\066\303\214\274
\074\205\246\153\012\046\015\340\223\230\140\256\176\306\044\227
\212\141\137\221\216\146\222\011\207\066\315\213\233\055\076\366
\121\324\120\324\131\050\275\203\362\314\050\173\123\206\155\330
\046\210\160\327\352\221\315\076\271\312\300\220\156\132\306\136
\164\145\327\134\376\243\342
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "D-TRUST Root Class 3 CA 2 2009"
# Issuer: CN=D-TRUST Root Class 3 CA 2 2009,O=D-Trust GmbH,C=DE
# Serial Number: 623603 (0x983f3)
# Subject: CN=D-TRUST Root Class 3 CA 2 2009,O=D-Trust GmbH,C=DE
# Not Valid Before: Thu Nov 05 08:35:58 2009
# Not Valid After : Mon Nov 05 08:35:58 2029
# Fingerprint (MD5): CD:E0:25:69:8D:47:AC:9C:89:35:90:F7:FD:51:3D:2F
@@ -20223,16 +19832,17 @@
\173\360\171\121\327\103\075\247\323\201\323\360\311\117\271\332
\306\227\206\320\202\303\344\102\155\376\260\342\144\116\016\046
\347\100\064\046\265\010\211\327\010\143\143\070\047\165\036\063
\352\156\250\335\237\231\117\164\115\201\211\200\113\335\232\227
\051\134\057\276\201\101\271\214\377\352\175\140\006\236\315\327
\075\323\056\243\025\274\250\346\046\345\157\303\334\270\003\041
\352\237\026\361\054\124\265
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "D-TRUST Root Class 3 CA 2 EV 2009"
# Issuer: CN=D-TRUST Root Class 3 CA 2 EV 2009,O=D-Trust GmbH,C=DE
# Serial Number: 623604 (0x983f4)
# Subject: CN=D-TRUST Root Class 3 CA 2 EV 2009,O=D-Trust GmbH,C=DE
# Not Valid Before: Thu Nov 05 08:50:46 2009
# Not Valid After : Mon Nov 05 08:50:46 2029
# Fingerprint (MD5): AA:C6:43:2C:5E:2D:CD:C4:34:C0:50:4F:11:02:4F:B6
@@ -20472,16 +20082,17 @@
\071\246\202\326\161\312\336\267\325\272\150\010\355\231\314\375
\242\222\313\151\270\235\371\012\244\246\076\117\223\050\052\141
\154\007\046\000\377\226\137\150\206\270\270\316\312\125\340\253
\261\075\177\230\327\063\016\132\075\330\170\302\304\140\057\307
\142\360\141\221\322\070\260\366\236\125\333\100\200\005\022\063
\316\035\222\233\321\151\263\377\277\361\222\012\141\065\077\335
\376\206\364\274\340\032\161\263\142\246
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "PSCProcert"
# Issuer: E=acraiz@suscerte.gob.ve,OU=Superintendencia de Servicios de Certificacion Electronica,O=Sistema Nacional de Certificacion Electronica,ST=Distrito Capital,L=Caracas,C=VE,CN=Autoridad de Certificacion Raiz del Estado Venezolano
# Serial Number: 11 (0xb)
# Subject: CN=PSCProcert,C=VE,O=Sistema Nacional de Certificacion Electronica,OU=Proveedor de Certificados PROCERT,ST=Miranda,L=Chacao,E=contacto@procert.net.ve
# Not Valid Before: Tue Dec 28 16:51:00 2010
# Not Valid After : Fri Dec 25 23:59:59 2020
# Fingerprint (MD5): E6:24:E9:12:01:AE:0C:DE:8E:85:C4:CE:A3:12:DD:EC
@@ -20630,16 +20241,17 @@
\146\102\107\302\130\044\231\341\345\076\345\165\054\216\103\326
\135\074\170\036\250\225\202\051\120\321\321\026\272\357\301\276
\172\331\264\330\314\036\114\106\341\167\261\061\253\275\052\310
\316\217\156\241\135\177\003\165\064\344\255\211\105\124\136\276
\256\050\245\273\077\170\171\353\163\263\012\015\375\276\311\367
\126\254\366\267\355\057\233\041\051\307\070\266\225\304\004\362
\303\055\375\024\052\220\231\271\007\314\237
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "China Internet Network Information Center EV Certificates Root"
# Issuer: CN=China Internet Network Information Center EV Certificates Root,O=China Internet Network Information Center,C=CN
# Serial Number: 1218379777 (0x489f0001)
# Subject: CN=China Internet Network Information Center EV Certificates Root,O=China Internet Network Information Center,C=CN
# Not Valid Before: Tue Aug 31 07:11:25 2010
# Not Valid After : Sat Aug 31 07:11:25 2030
# Fingerprint (MD5): 55:5D:63:00:97:BD:6A:97:F5:67:AB:4B:FB:6E:63:15
@@ -20805,16 +20417,17 @@
\361\377\246\100\005\205\005\134\312\007\031\134\013\023\050\114
\130\177\302\245\357\105\332\140\323\256\145\141\235\123\203\164
\302\256\362\134\302\026\355\222\076\204\076\163\140\210\274\166
\364\054\317\320\175\175\323\270\136\321\221\022\020\351\315\335
\312\045\343\325\355\231\057\276\165\201\113\044\371\105\106\224
\311\051\041\123\234\046\105\252\023\027\344\347\315\170\342\071
\301\053\022\236\246\236\033\305\346\016\331\061\331
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "Swisscom Root CA 2"
# Issuer: CN=Swisscom Root CA 2,OU=Digital Certificate Services,O=Swisscom,C=ch
# Serial Number:1e:9e:28:e8:48:f2:e5:ef:c3:7c:4a:1e:5a:18:67:b6
# Subject: CN=Swisscom Root CA 2,OU=Digital Certificate Services,O=Swisscom,C=ch
# Not Valid Before: Fri Jun 24 08:38:14 2011
# Not Valid After : Wed Jun 25 07:38:14 2031
# Fingerprint (MD5): 5B:04:69:EC:A5:83:94:63:18:A7:86:D0:E4:F2:6E:19
@@ -20980,16 +20593,17 @@
\234\337\164\326\360\100\025\035\310\271\217\265\066\305\257\370
\042\270\312\035\363\326\266\031\017\237\141\145\152\352\164\310
\174\217\303\117\135\145\202\037\331\015\211\332\165\162\373\357
\361\107\147\023\263\310\321\031\210\047\046\232\231\171\177\036
\344\054\077\173\356\361\336\115\213\226\227\303\325\077\174\033
\043\355\244\263\035\026\162\103\113\040\341\131\176\302\350\255
\046\277\242\367
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "Swisscom Root EV CA 2"
# Issuer: CN=Swisscom Root EV CA 2,OU=Digital Certificate Services,O=Swisscom,C=ch
# Serial Number:00:f2:fa:64:e2:74:63:d3:8d:fd:10:1d:04:1f:76:ca:58
# Subject: CN=Swisscom Root EV CA 2,OU=Digital Certificate Services,O=Swisscom,C=ch
# Not Valid Before: Fri Jun 24 09:45:08 2011
# Not Valid After : Wed Jun 25 08:45:08 2031
# Fingerprint (MD5): 7B:30:34:9F:DD:0A:4B:6B:35:CA:31:51:28:5D:AE:EC
@@ -21144,16 +20758,17 @@
\001\347\177\227\017\327\362\173\031\375\032\327\217\311\372\205
\153\172\235\236\211\266\246\050\231\223\210\100\367\076\315\121
\243\312\352\357\171\107\041\265\376\062\342\307\303\121\157\276
\200\164\360\244\303\072\362\117\351\137\337\031\012\362\073\023
\103\254\061\244\263\347\353\374\030\326\001\251\363\052\217\066
\016\353\264\261\274\267\114\311\153\277\241\363\331\364\355\342
\360\343\355\144\236\075\057\226\122\117\200\123\213
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "CA Disig Root R1"
# Issuer: CN=CA Disig Root R1,O=Disig a.s.,L=Bratislava,C=SK
# Serial Number:00:c3:03:9a:ee:50:90:6e:28
# Subject: CN=CA Disig Root R1,O=Disig a.s.,L=Bratislava,C=SK
# Not Valid Before: Thu Jul 19 09:06:56 2012
# Not Valid After : Sat Jul 19 09:06:56 2042
# Fingerprint (MD5): BE:EC:11:93:9A:F5:69:21:BC:D7:C1:C0:67:89:CC:2A
@@ -21306,16 +20921,17 @@
\233\116\166\300\216\175\375\244\045\307\107\355\377\037\163\254
\314\303\245\351\157\012\216\233\145\302\120\205\265\243\240\123
\022\314\125\207\141\363\201\256\020\106\141\275\104\041\270\302
\075\164\317\176\044\065\372\034\007\016\233\075\042\312\357\061
\057\214\254\022\275\357\100\050\374\051\147\237\262\023\117\146
\044\304\123\031\351\036\051\025\357\346\155\260\177\055\147\375
\363\154\033\165\106\243\345\112\027\351\244\327\013
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "CA Disig Root R2"
# Issuer: CN=CA Disig Root R2,O=Disig a.s.,L=Bratislava,C=SK
# Serial Number:00:92:b8:88:db:b0:8a:c1:63
# Subject: CN=CA Disig Root R2,O=Disig a.s.,L=Bratislava,C=SK
# Not Valid Before: Thu Jul 19 09:15:30 2012
# Not Valid After : Sat Jul 19 09:15:30 2042
# Fingerprint (MD5): 26:01:FB:D8:27:A7:17:9A:45:54:38:1A:43:01:3B:03
@@ -21505,16 +21121,17 @@
\346\301\232\351\036\002\107\237\052\250\155\251\133\317\354\105
\167\177\230\047\232\062\135\052\343\204\356\305\230\146\057\226
\040\035\335\330\303\047\327\260\371\376\331\175\315\320\237\217
\013\024\130\121\237\057\213\303\070\055\336\350\217\326\215\207
\244\365\126\103\026\231\054\364\244\126\264\064\270\141\067\311
\302\130\200\033\240\227\241\374\131\215\351\021\366\321\017\113
\125\064\106\052\213\206\073
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "ACCVRAIZ1"
# Issuer: C=ES,O=ACCV,OU=PKIACCV,CN=ACCVRAIZ1
# Serial Number:5e:c3:b7:a6:43:7f:a4:e0
# Subject: C=ES,O=ACCV,OU=PKIACCV,CN=ACCVRAIZ1
# Not Valid Before: Thu May 05 09:37:37 2011
# Not Valid After : Tue Dec 31 09:37:37 2030
# Fingerprint (MD5): D0:A0:5A:EE:05:B6:09:94:21:A1:7D:F1:B2:29:82:02
@@ -21664,16 +21281,17 @@
\301\255\175\204\003\074\020\170\206\033\171\343\304\363\362\004
\225\040\256\043\202\304\263\072\000\142\277\346\066\044\341\127
\272\307\036\220\165\325\137\077\225\141\053\301\073\315\345\263
\150\141\320\106\046\251\041\122\151\055\353\056\307\353\167\316
\246\072\265\003\063\117\166\321\347\134\124\001\135\313\170\364
\311\014\277\317\022\216\027\055\043\150\224\347\253\376\251\262
\053\006\320\004\315
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "TWCA Global Root CA"
# Issuer: CN=TWCA Global Root CA,OU=Root CA,O=TAIWAN-CA,C=TW
# Serial Number: 3262 (0xcbe)
# Subject: CN=TWCA Global Root CA,OU=Root CA,O=TAIWAN-CA,C=TW
# Not Valid Before: Wed Jun 27 06:28:33 2012
# Not Valid After : Tue Dec 31 15:59:59 2030
# Fingerprint (MD5): F9:03:7E:CF:E6:9E:3C:73:7A:2A:90:07:69:FF:2B:96
@@ -21820,16 +21438,17 @@
\255\316\364\370\151\024\144\071\373\243\270\272\160\100\307\047
\034\277\304\126\123\372\143\145\320\363\034\016\026\365\153\206
\130\115\030\324\344\015\216\245\235\133\221\334\166\044\120\077
\306\052\373\331\267\234\265\326\346\320\331\350\031\213\025\161
\110\255\267\352\330\131\210\324\220\277\026\263\331\351\254\131
\141\124\310\034\272\312\301\312\341\271\040\114\217\072\223\211
\245\240\314\277\323\366\165\244\165\226\155\126
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "TeliaSonera Root CA v1"
# Issuer: CN=TeliaSonera Root CA v1,O=TeliaSonera
# Serial Number:00:95:be:16:a0:f7:2e:46:f1:7b:39:82:72:fa:8b:cd:96
# Subject: CN=TeliaSonera Root CA v1,O=TeliaSonera
# Not Valid Before: Thu Oct 18 12:00:50 2007
# Not Valid After : Mon Oct 18 12:00:50 2032
# Fingerprint (MD5): 37:41:49:1B:18:56:9A:26:F5:AD:C2:66:FB:40:A5:4C
@@ -22007,16 +21626,17 @@
\237\211\213\375\067\137\137\072\316\070\131\206\113\257\161\013
\264\330\362\160\117\237\062\023\343\260\247\127\345\332\332\103
\313\204\064\362\050\304\352\155\364\052\357\301\153\166\332\373
\176\273\205\074\322\123\302\115\276\161\341\105\321\375\043\147
\015\023\165\373\317\145\147\042\235\256\260\011\321\011\377\035
\064\277\376\043\227\067\322\071\372\075\015\006\013\264\333\073
\243\253\157\134\035\266\176\350\263\202\064\355\006\134\044
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "E-Tugra Certification Authority"
# Issuer: CN=E-Tugra Certification Authority,OU=E-Tugra Sertifikasyon Merkezi,O=E-Tu..ra EBG Bili..im Teknolojileri ve Hizmetleri A....,L=Ankara,C=TR
# Serial Number:6a:68:3e:9c:51:9b:cb:53
# Subject: CN=E-Tugra Certification Authority,OU=E-Tugra Sertifikasyon Merkezi,O=E-Tu..ra EBG Bili..im Teknolojileri ve Hizmetleri A....,L=Ankara,C=TR
# Not Valid Before: Tue Mar 05 12:09:48 2013
# Not Valid After : Fri Mar 03 12:09:48 2023
# Fingerprint (MD5): B8:A1:03:63:B0:BD:21:71:70:8A:6F:13:3A:BB:79:49
@@ -22155,16 +21775,17 @@
\203\125\352\174\302\051\211\033\351\157\263\316\342\005\204\311
\057\076\170\205\142\156\311\137\301\170\143\164\130\300\110\030
\014\231\071\353\244\314\032\265\171\132\215\025\234\330\024\015
\366\172\007\127\307\042\203\005\055\074\233\045\046\075\030\263
\251\103\174\310\310\253\144\217\016\243\277\234\033\235\060\333
\332\320\031\056\252\074\361\373\063\200\166\344\315\255\031\117
\005\047\216\023\241\156\302
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "T-TeleSec GlobalRoot Class 2"
# Issuer: CN=T-TeleSec GlobalRoot Class 2,OU=T-Systems Trust Center,O=T-Systems Enterprise Services GmbH,C=DE
# Serial Number: 1 (0x1)
# Subject: CN=T-TeleSec GlobalRoot Class 2,OU=T-Systems Trust Center,O=T-Systems Enterprise Services GmbH,C=DE
# Not Valid Before: Wed Oct 01 10:40:14 2008
# Not Valid After : Sat Oct 01 23:59:59 2033
# Fingerprint (MD5): 2B:9B:9E:E4:7B:6C:1F:00:72:1A:CC:C1:77:79:DF:6A
@@ -22285,16 +21906,17 @@
\265\024\357\264\021\377\016\025\265\365\365\333\306\275\353\132
\247\360\126\042\251\074\145\124\306\025\250\275\206\236\315\203
\226\150\172\161\201\211\341\013\341\352\021\033\150\010\314\151
\236\354\236\101\236\104\062\046\172\342\207\012\161\075\353\344
\132\244\322\333\305\315\306\336\140\177\271\363\117\104\222\357
\052\267\030\076\247\031\331\013\175\261\067\101\102\260\272\140
\035\362\376\011\021\260\360\207\173\247\235
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "Atos TrustedRoot 2011"
# Issuer: C=DE,O=Atos,CN=Atos TrustedRoot 2011
# Serial Number:5c:33:cb:62:2c:5f:b3:32
# Subject: C=DE,O=Atos,CN=Atos TrustedRoot 2011
# Not Valid Before: Thu Jul 07 14:58:30 2011
# Not Valid After : Tue Dec 31 23:59:59 2030
# Fingerprint (MD5): AE:B9:C4:32:4B:AC:7F:5D:66:CC:77:94:BB:2A:77:56
@@ -22444,16 +22066,17 @@
\353\134\237\336\263\257\147\003\263\037\335\155\135\151\150\151
\253\136\072\354\174\151\274\307\073\205\116\236\025\271\264\025
\117\303\225\172\130\327\311\154\351\154\271\363\051\143\136\264
\054\360\055\075\355\132\145\340\251\133\100\302\110\231\201\155
\236\037\006\052\074\022\264\213\017\233\242\044\360\246\215\326
\172\340\113\266\144\226\143\225\204\302\112\315\034\056\044\207
\063\140\345\303
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "QuoVadis Root CA 1 G3"
# Issuer: CN=QuoVadis Root CA 1 G3,O=QuoVadis Limited,C=BM
# Serial Number:78:58:5f:2e:ad:2c:19:4b:e3:37:07:35:34:13:28:b5:96:d4:65:93
# Subject: CN=QuoVadis Root CA 1 G3,O=QuoVadis Limited,C=BM
# Not Valid Before: Thu Jan 12 17:27:44 2012
# Not Valid After : Sun Jan 12 17:27:44 2042
# Fingerprint (SHA-256): 8A:86:6F:D1:B2:76:B5:7E:57:8E:92:1C:65:82:8A:2B:ED:58:E9:F2:F2:88:05:41:34:B7:F1:F4:BF:C9:CC:74
@@ -22605,16 +22228,17 @@
\374\267\003\111\002\133\310\045\346\342\124\070\365\171\207\214
\035\123\262\116\205\173\006\070\307\054\370\370\260\162\215\045
\345\167\122\364\003\034\110\246\120\137\210\040\060\156\362\202
\103\253\075\227\204\347\123\373\041\301\117\017\042\232\206\270
\131\052\366\107\075\031\210\055\350\205\341\236\354\205\010\152
\261\154\064\311\035\354\110\053\073\170\355\146\304\216\171\151
\203\336\177\214
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "QuoVadis Root CA 2 G3"
# Issuer: CN=QuoVadis Root CA 2 G3,O=QuoVadis Limited,C=BM
# Serial Number:44:57:34:24:5b:81:89:9b:35:f2:ce:b8:2b:3b:5b:a7:26:f0:75:28
# Subject: CN=QuoVadis Root CA 2 G3,O=QuoVadis Limited,C=BM
# Not Valid Before: Thu Jan 12 18:59:32 2012
# Not Valid After : Sun Jan 12 18:59:32 2042
# Fingerprint (SHA-256): 8F:E4:FB:0A:F9:3A:4D:0D:67:DB:0B:EB:B2:3E:37:C7:1B:F3:25:DC:BC:DD:24:0E:A0:4D:AF:58:B4:7E:18:40
@@ -22766,16 +22390,17 @@
\046\350\354\266\013\055\247\205\065\315\375\131\310\237\321\315
\076\132\051\064\271\075\204\316\261\145\324\131\221\221\126\165
\041\301\167\236\371\172\341\140\235\323\255\004\030\364\174\353
\136\223\217\123\112\042\051\370\110\053\076\115\206\254\133\177
\313\006\231\131\140\330\130\145\225\215\104\321\367\177\176\047
\177\175\256\200\365\007\114\266\076\234\161\124\231\004\113\375
\130\371\230\364
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "QuoVadis Root CA 3 G3"
# Issuer: CN=QuoVadis Root CA 3 G3,O=QuoVadis Limited,C=BM
# Serial Number:2e:f5:9b:02:28:a7:db:7a:ff:d5:a3:a9:ee:bd:03:a0:cf:12:6a:1d
# Subject: CN=QuoVadis Root CA 3 G3,O=QuoVadis Limited,C=BM
# Not Valid Before: Thu Jan 12 20:26:32 2012
# Not Valid After : Sun Jan 12 20:26:32 2042
# Fingerprint (SHA-256): 88:EF:81:DE:20:2E:B0:18:45:2E:43:F8:64:72:5C:EA:5F:BD:1F:C2:D9:D2:05:73:07:09:C5:D8:B8:69:0F:46
@@ -22902,16 +22527,17 @@
\007\234\242\272\331\001\162\134\363\115\301\335\016\261\034\015
\304\143\276\255\364\024\373\211\354\242\101\016\114\314\310\127
\100\320\156\003\252\315\014\216\211\231\231\154\360\074\060\257
\070\337\157\274\243\276\051\040\047\253\164\377\023\042\170\336
\227\122\125\036\203\265\124\040\003\356\256\300\117\126\336\067
\314\303\177\252\004\047\273\323\167\270\142\333\027\174\234\050
\042\023\163\154\317\046\365\212\051\347
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "DigiCert Assured ID Root G2"
# Issuer: CN=DigiCert Assured ID Root G2,OU=www.digicert.com,O=DigiCert Inc,C=US
# Serial Number:0b:93:1c:3a:d6:39:67:ea:67:23:bf:c3:af:9a:f4:4b
# Subject: CN=DigiCert Assured ID Root G2,OU=www.digicert.com,O=DigiCert Inc,C=US
# Not Valid Before: Thu Aug 01 12:00:00 2013
# Not Valid After : Fri Jan 15 12:00:00 2038
# Fingerprint (SHA-256): 7D:05:EB:B6:82:33:9F:8C:94:51:EE:09:4E:EB:FE:FA:79:53:A1:14:ED:B2:F4:49:49:45:2F:AB:7D:2F:C1:85
@@ -23019,16 +22645,17 @@
\003\003\147\000\060\144\002\060\045\244\201\105\002\153\022\113
\165\164\117\310\043\343\160\362\165\162\336\174\211\360\317\221
\162\141\236\136\020\222\131\126\271\203\307\020\347\070\351\130
\046\066\175\325\344\064\206\071\002\060\174\066\123\360\060\345
\142\143\072\231\342\266\243\073\233\064\372\036\332\020\222\161
\136\221\023\247\335\244\156\222\314\062\326\365\041\146\307\057
\352\226\143\152\145\105\222\225\001\264
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "DigiCert Assured ID Root G3"
# Issuer: CN=DigiCert Assured ID Root G3,OU=www.digicert.com,O=DigiCert Inc,C=US
# Serial Number:0b:a1:5a:fa:1d:df:a0:b5:49:44:af:cd:24:a0:6c:ec
# Subject: CN=DigiCert Assured ID Root G3,OU=www.digicert.com,O=DigiCert Inc,C=US
# Not Valid Before: Thu Aug 01 12:00:00 2013
# Not Valid After : Fri Jan 15 12:00:00 2038
# Fingerprint (SHA-256): 7E:37:CB:8B:4C:47:09:0C:AB:36:55:1B:A6:F4:5D:B8:40:68:0F:BA:16:6A:95:2D:B1:00:71:7F:43:05:3F:C2
@@ -23157,16 +22784,17 @@
\362\261\216\231\241\157\023\261\101\161\376\210\052\310\117\020
\040\125\327\363\024\105\345\340\104\364\352\207\225\062\223\016
\376\123\106\372\054\235\377\213\042\271\113\331\011\105\244\336
\244\270\232\130\335\033\175\122\237\216\131\103\210\201\244\236
\046\325\157\255\335\015\306\067\175\355\003\222\033\345\167\137
\166\356\074\215\304\135\126\133\242\331\146\156\263\065\067\345
\062\266
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "DigiCert Global Root G2"
# Issuer: CN=DigiCert Global Root G2,OU=www.digicert.com,O=DigiCert Inc,C=US
# Serial Number:03:3a:f1:e6:a7:11:a9:a0:bb:28:64:b1:1d:09:fa:e5
# Subject: CN=DigiCert Global Root G2,OU=www.digicert.com,O=DigiCert Inc,C=US
# Not Valid Before: Thu Aug 01 12:00:00 2013
# Not Valid After : Fri Jan 15 12:00:00 2038
# Fingerprint (SHA-256): CB:3C:CB:B7:60:31:E5:E0:13:8F:8D:D3:9A:23:F9:DE:47:FF:C3:5E:43:C1:14:4C:EA:27:D4:6A:5A:B1:CB:5F
@@ -23274,16 +22902,17 @@
\000\255\274\362\154\077\022\112\321\055\071\303\012\011\227\163
\364\210\066\214\210\047\273\346\210\215\120\205\247\143\371\236
\062\336\146\223\017\361\314\261\011\217\335\154\253\372\153\177
\240\002\060\071\146\133\302\144\215\270\236\120\334\250\325\111
\242\355\307\334\321\111\177\027\001\270\310\206\217\116\214\210
\053\250\232\251\212\305\321\000\275\370\124\342\232\345\133\174
\263\047\027
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "DigiCert Global Root G3"
# Issuer: CN=DigiCert Global Root G3,OU=www.digicert.com,O=DigiCert Inc,C=US
# Serial Number:05:55:56:bc:f2:5e:a4:35:35:c3:a4:0f:d5:ab:45:72
# Subject: CN=DigiCert Global Root G3,OU=www.digicert.com,O=DigiCert Inc,C=US
# Not Valid Before: Thu Aug 01 12:00:00 2013
# Not Valid After : Fri Jan 15 12:00:00 2038
# Fingerprint (SHA-256): 31:AD:66:48:F8:10:41:38:C7:38:F3:9E:A4:32:01:33:39:3E:3A:18:CC:02:29:6E:F9:7C:2A:C9:EF:67:31:D0
@@ -23444,16 +23073,17 @@
\102\154\311\012\274\356\103\372\072\161\245\310\115\046\245\065
\375\211\135\274\205\142\035\062\322\240\053\124\355\232\127\301
\333\372\020\317\031\267\213\112\033\217\001\266\047\225\123\350
\266\211\155\133\274\150\324\043\350\213\121\242\126\371\360\246
\200\240\326\036\263\274\017\017\123\165\051\252\352\023\167\344
\336\214\201\041\255\007\020\107\021\255\207\075\007\321\165\274
\317\363\146\176
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "DigiCert Trusted Root G4"
# Issuer: CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US
# Serial Number:05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
# Subject: CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US
# Not Valid Before: Thu Aug 01 12:00:00 2013
# Not Valid After : Fri Jan 15 12:00:00 2038
# Fingerprint (SHA-256): 55:2F:7B:DC:F1:A7:AF:9E:6C:E6:72:01:7F:4F:12:AB:F7:72:40:C7:8E:76:1A:C2:03:D1:D9:D2:0A:C8:99:88
@@ -23610,16 +23240,17 @@
\047\274\172\277\340\333\364\332\122\275\336\014\124\160\061\221
\103\225\310\274\360\076\335\011\176\060\144\120\355\177\001\244
\063\147\115\150\117\276\025\357\260\366\002\021\242\033\023\045
\072\334\302\131\361\343\134\106\273\147\054\002\106\352\036\110
\246\346\133\331\265\274\121\242\222\226\333\252\306\067\042\246
\376\314\040\164\243\055\251\056\153\313\300\202\021\041\265\223
\171\356\104\206\276\327\036\344\036\373
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "WoSign"
# Issuer: CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN
# Serial Number:5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91
# Subject: CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN
# Not Valid Before: Sat Aug 08 01:00:01 2009
# Not Valid After : Mon Aug 08 01:00:01 2039
# Fingerprint (SHA-256): 4B:22:D5:A6:AE:C9:9F:3C:DB:79:AA:5E:C0:68:38:47:9C:D5:EC:BA:71:64:F7:F2:2D:C1:D6:5F:63:D8:57:08
@@ -23771,16 +23402,17 @@
\324\175\253\227\063\304\323\076\340\151\266\050\171\240\011\215
\034\321\377\101\162\110\006\374\232\056\347\040\371\233\242\336
\211\355\256\074\011\257\312\127\263\222\211\160\100\344\057\117
\302\160\203\100\327\044\054\153\347\011\037\323\325\307\301\010
\364\333\016\073\034\007\013\103\021\204\041\206\351\200\324\165
\330\253\361\002\142\301\261\176\125\141\317\023\327\046\260\327
\234\313\051\213\070\112\013\016\220\215\272\241
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "WoSign China"
# Issuer: CN=CA ...............,O=WoSign CA Limited,C=CN
# Serial Number:50:70:6b:cd:d8:13:fc:1b:4e:3b:33:72:d2:11:48:8d
# Subject: CN=CA ...............,O=WoSign CA Limited,C=CN
# Not Valid Before: Sat Aug 08 01:00:01 2009
# Not Valid After : Mon Aug 08 01:00:01 2039
# Fingerprint (SHA-256): D6:F0:34:BD:94:AA:23:3F:02:97:EC:A4:24:5B:28:39:73:E4:47:AA:59:0F:31:0C:77:F4:8F:DF:83:11:22:54
@@ -23947,16 +23579,17 @@
\100\350\123\262\047\235\112\271\300\167\041\215\377\207\362\336
\274\214\357\027\337\267\111\013\321\362\156\060\013\032\016\116
\166\355\021\374\365\351\126\262\175\277\307\155\012\223\214\245
\320\300\266\035\276\072\116\224\242\327\156\154\013\302\212\174
\372\040\363\304\344\345\315\015\250\313\221\222\261\174\205\354
\265\024\151\146\016\202\347\315\316\310\055\246\121\177\041\301
\065\123\205\006\112\135\237\255\273\033\137\164
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "COMODO RSA Certification Authority"
# Issuer: CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
# Serial Number:4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d
# Subject: CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
# Not Valid Before: Tue Jan 19 00:00:00 2010
# Not Valid After : Mon Jan 18 23:59:59 2038
# Fingerprint (SHA-256): 52:F0:E1:C4:E5:8E:C6:29:29:1B:60:31:7F:07:46:71:B8:5D:7E:A8:0D:5B:07:27:34:63:53:4B:32:B4:02:34
@@ -24128,16 +23761,17 @@
\245\233\267\220\307\014\007\337\365\211\066\164\062\326\050\301
\260\260\013\340\234\114\303\034\326\374\343\151\265\107\106\201
\057\242\202\253\323\143\104\160\304\215\377\055\063\272\255\217
\173\265\160\210\256\076\031\317\100\050\330\374\310\220\273\135
\231\042\365\122\346\130\305\037\210\061\103\356\210\035\327\306
\216\074\103\152\035\247\030\336\175\075\026\361\142\371\312\220
\250\375
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "USERTrust RSA Certification Authority"
# Issuer: CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US
# Serial Number:01:fd:6d:30:fc:a3:ca:51:a8:1b:bc:64:0e:35:03:2d
# Subject: CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US
# Not Valid Before: Mon Feb 01 00:00:00 2010
# Not Valid After : Mon Jan 18 23:59:59 2038
# Fingerprint (SHA-256): E7:93:C9:B0:2F:D8:AA:13:E2:1C:31:22:8A:CC:B0:81:19:64:3B:74:9C:89:89:64:B1:74:6D:46:C3:D4:CB:D2
@@ -24256,16 +23890,17 @@
\066\147\241\026\010\334\344\227\000\101\035\116\276\341\143\001
\317\073\252\102\021\144\240\235\224\071\002\021\171\134\173\035
\372\144\271\356\026\102\263\277\212\302\011\304\354\344\261\115
\002\061\000\351\052\141\107\214\122\112\113\116\030\160\366\326
\104\326\156\365\203\272\155\130\275\044\331\126\110\352\357\304
\242\106\201\210\152\072\106\321\251\233\115\311\141\332\321\135
\127\152\030
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "USERTrust ECC Certification Authority"
# Issuer: CN=USERTrust ECC Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US
# Serial Number:5c:8b:99:c5:5a:94:c5:d2:71:56:de:cd:89:80:cc:26
# Subject: CN=USERTrust ECC Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US
# Not Valid Before: Mon Feb 01 00:00:00 2010
# Not Valid After : Mon Jan 18 23:59:59 2038
# Fingerprint (SHA-256): 4F:F4:60:D5:4B:9C:86:DA:BF:BC:FC:57:12:E0:40:0D:2B:ED:3F:BC:4D:4F:BD:AA:86:E0:6A:DC:D2:A9:AD:7A
@@ -24367,16 +24002,17 @@
\270\342\100\177\373\012\156\373\276\063\311\074\243\204\325\060
\012\006\010\052\206\110\316\075\004\003\002\003\110\000\060\105
\002\041\000\334\222\241\240\023\246\317\003\260\346\304\041\227
\220\372\024\127\055\003\354\356\074\323\156\312\250\154\166\274
\242\336\273\002\040\047\250\205\047\065\233\126\306\243\362\107
\322\267\156\033\002\000\027\252\147\246\025\221\336\372\224\354
\173\013\370\237\204
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "GlobalSign ECC Root CA - R4"
# Issuer: CN=GlobalSign,O=GlobalSign,OU=GlobalSign ECC Root CA - R4
# Serial Number:2a:38:a4:1c:96:0a:04:de:42:b2:28:a5:0b:e8:34:98:02
# Subject: CN=GlobalSign,O=GlobalSign,OU=GlobalSign ECC Root CA - R4
# Not Valid Before: Tue Nov 13 00:00:00 2012
# Not Valid After : Tue Jan 19 03:14:07 2038
# Fingerprint (SHA-256): BE:C9:49:11:C2:95:56:76:DB:6C:0A:55:09:86:D7:6E:3B:A0:05:66:7C:44:2C:97:62:B4:FB:B7:73:DE:22:8C
@@ -24479,16 +24115,17 @@
\345\151\022\311\156\333\306\061\272\011\101\341\227\370\373\375
\232\342\175\022\311\355\174\144\323\313\005\045\213\126\331\240
\347\136\135\116\013\203\234\133\166\051\240\011\046\041\152\142
\002\060\161\322\265\217\134\352\073\341\170\011\205\250\165\222
\073\310\134\375\110\357\015\164\042\250\010\342\156\305\111\316
\307\014\274\247\141\151\361\367\073\341\052\313\371\053\363\146
\220\067
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "GlobalSign ECC Root CA - R5"
# Issuer: CN=GlobalSign,O=GlobalSign,OU=GlobalSign ECC Root CA - R5
# Serial Number:60:59:49:e0:26:2e:bb:55:f9:0a:77:8a:71:f9:4a:d8:6c
# Subject: CN=GlobalSign,O=GlobalSign,OU=GlobalSign ECC Root CA - R5
# Not Valid Before: Tue Nov 13 00:00:00 2012
# Not Valid After : Tue Jan 19 03:14:07 2038
# Fingerprint (SHA-256): 17:9F:BC:14:8A:3D:D0:0F:D2:4E:A1:34:58:CC:43:BF:A7:F5:9C:81:82:D7:83:A5:13:F6:EB:EC:10:0C:89:24
@@ -24653,16 +24290,17 @@
\107\234\167\307\045\341\254\064\005\115\363\202\176\101\043\272
\264\127\363\347\306\001\145\327\115\211\231\034\151\115\136\170
\366\353\162\161\075\262\304\225\001\237\135\014\267\057\045\246
\134\171\101\357\236\304\147\074\241\235\177\161\072\320\225\227
\354\170\102\164\230\156\276\076\150\114\127\074\250\223\101\207
\013\344\271\257\221\373\120\114\014\272\300\044\047\321\025\333
\145\110\041\012\057\327\334\176\240\314\145\176\171
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "VeriSign-C3SSA-G2-temporary-intermediate-after-1024bit-removal"
# Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU="(c) 2006 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
# Serial Number:2f:00:6e:cd:17:70:66:e7:5f:a3:82:0a:79:1f:05:ae
# Subject: CN=VeriSign Class 3 Secure Server CA - G2,OU=Terms of use at https://www.verisign.com/rpa (c)09,OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
# Not Valid Before: Thu Mar 26 00:00:00 2009
# Not Valid After : Sun Mar 24 23:59:59 2019
# Fingerprint (SHA-256): 0A:41:51:D5:E5:8B:84:B8:AC:E5:3A:5C:12:12:2A:C9:59:CD:69:91:FB:B3:8E:99:B5:76:C0:AB:DA:C3:58:14
@@ -24824,16 +24462,17 @@
\325\131\242\211\164\323\237\276\036\113\327\306\155\267\210\044
\157\140\221\244\202\205\133\126\101\274\320\104\253\152\023\276
\321\054\130\267\022\063\130\262\067\143\334\023\365\224\035\077
\100\121\365\117\365\072\355\310\305\353\302\036\035\026\225\172
\307\176\102\161\223\156\113\025\267\060\337\252\355\127\205\110
\254\035\152\335\071\151\344\341\171\170\276\316\005\277\241\014
\367\200\173\041\147\047\060\131
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "Staat der Nederlanden Root CA - G3"
# Issuer: CN=Staat der Nederlanden Root CA - G3,O=Staat der Nederlanden,C=NL
# Serial Number: 10003001 (0x98a239)
# Subject: CN=Staat der Nederlanden Root CA - G3,O=Staat der Nederlanden,C=NL
# Not Valid Before: Thu Nov 14 11:28:42 2013
# Not Valid After : Mon Nov 13 23:00:00 2028
# Fingerprint (SHA-256): 3C:4F:B0:B9:5A:B8:B3:00:32:F4:32:B8:6F:53:5F:E1:72:C1:85:D0:FD:39:86:58:37:CF:36:18:7F:A6:F4:28
@@ -24987,16 +24626,17 @@
\170\157\120\202\104\120\077\146\006\212\253\103\204\126\112\017
\040\055\206\016\365\322\333\322\172\212\113\315\245\350\116\361
\136\046\045\001\131\043\240\176\322\366\176\041\127\327\047\274
\025\127\114\244\106\301\340\203\036\014\114\115\037\117\006\031
\342\371\250\364\072\202\241\262\171\103\171\326\255\157\172\047
\220\003\244\352\044\207\077\331\275\331\351\362\137\120\111\034
\356\354\327\056
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "Staat der Nederlanden EV Root CA"
# Issuer: CN=Staat der Nederlanden EV Root CA,O=Staat der Nederlanden,C=NL
# Serial Number: 10000013 (0x98968d)
# Subject: CN=Staat der Nederlanden EV Root CA,O=Staat der Nederlanden,C=NL
# Not Valid Before: Wed Dec 08 11:19:29 2010
# Not Valid After : Thu Dec 08 11:10:28 2022
# Fingerprint (SHA-256): 4D:24:91:41:4C:FE:95:67:46:EC:4C:EF:A6:CF:6F:72:E2:8A:13:29:43:2F:9D:8A:90:7A:C4:CB:5D:AD:C1:5A
@@ -25148,16 +24788,17 @@
\312\112\201\153\136\013\363\121\341\164\053\351\176\047\247\331
\231\111\116\370\245\200\333\045\017\034\143\142\212\311\063\147
\153\074\020\203\306\255\336\250\315\026\216\215\360\007\067\161
\237\362\253\374\101\365\301\213\354\000\067\135\011\345\116\200
\357\372\261\134\070\006\245\033\112\341\334\070\055\074\334\253
\037\220\032\325\112\234\356\321\160\154\314\356\364\127\370\030
\272\204\156\207
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "IdenTrust Commercial Root CA 1"
# Issuer: CN=IdenTrust Commercial Root CA 1,O=IdenTrust,C=US
# Serial Number:0a:01:42:80:00:00:01:45:23:c8:44:b5:00:00:00:02
# Subject: CN=IdenTrust Commercial Root CA 1,O=IdenTrust,C=US
# Not Valid Before: Thu Jan 16 18:12:23 2014
# Not Valid After : Mon Jan 16 18:12:23 2034
# Fingerprint (SHA-256): 5D:56:49:9B:E4:D2:E0:8B:CF:CA:D0:8A:3E:38:72:3D:50:50:3B:DE:70:69:48:E4:2F:55:60:30:19:E5:28:AE
@@ -25309,16 +24950,17 @@
\150\011\061\161\360\155\370\116\107\373\326\205\356\305\130\100
\031\244\035\247\371\113\103\067\334\150\132\117\317\353\302\144
\164\336\264\025\331\364\124\124\032\057\034\327\227\161\124\220
\216\331\040\235\123\053\177\253\217\342\352\060\274\120\067\357
\361\107\265\175\174\054\004\354\150\235\264\111\104\020\364\162
\113\034\144\347\374\346\153\220\335\151\175\151\375\000\126\245
\267\254\266\255\267\312\076\001\357\234
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "IdenTrust Public Sector Root CA 1"
# Issuer: CN=IdenTrust Public Sector Root CA 1,O=IdenTrust,C=US
# Serial Number:0a:01:42:80:00:00:01:45:23:cf:46:7c:00:00:00:02
# Subject: CN=IdenTrust Public Sector Root CA 1,O=IdenTrust,C=US
# Not Valid Before: Thu Jan 16 17:53:32 2014
# Not Valid After : Mon Jan 16 17:53:32 2034
# Fingerprint (SHA-256): 30:D0:89:5A:9A:44:8A:26:20:91:63:55:22:D1:F5:20:10:B5:86:7A:CA:E1:2C:78:EF:95:8F:D4:F4:38:9F:2F
@@ -25453,16 +25095,17 @@
\217\252\302\107\057\024\161\325\051\343\020\265\107\223\045\314
\043\051\332\267\162\330\221\324\354\033\110\212\042\344\301\052
\367\072\150\223\237\105\031\156\103\267\314\376\270\221\232\141
\032\066\151\143\144\222\050\363\157\141\222\205\023\237\311\007
\054\213\127\334\353\236\171\325\302\336\010\325\124\262\127\116
\052\062\215\241\342\072\321\020\040\042\071\175\064\105\157\161
\073\303\035\374\377\262\117\250\342\366\060\036
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "S-TRUST Universal Root CA"
# Issuer: CN=S-TRUST Universal Root CA,OU=S-TRUST Certification Services,O=Deutscher Sparkassen Verlag GmbH,C=DE
# Serial Number:60:56:c5:4b:23:40:5b:64:d4:ed:25:da:d9:d6:1e:1e
# Subject: CN=S-TRUST Universal Root CA,OU=S-TRUST Certification Services,O=Deutscher Sparkassen Verlag GmbH,C=DE
# Not Valid Before: Tue Oct 22 00:00:00 2013
# Not Valid After : Thu Oct 21 23:59:59 2038
# Fingerprint (SHA-256): D8:0F:EF:91:0A:E3:F1:04:72:3B:04:5C:EC:2D:01:9F:44:1C:E6:21:3A:DF:15:67:91:E7:0C:17:90:11:0A:31
@@ -25615,16 +25258,17 @@
\274\075\320\204\350\352\006\162\260\115\071\062\170\277\076\021
\234\013\244\235\232\041\363\360\233\013\060\170\333\301\334\207
\103\376\274\143\232\312\305\302\034\311\307\215\377\073\022\130
\010\346\266\075\354\172\054\116\373\203\226\316\014\074\151\207
\124\163\244\163\302\223\377\121\020\254\025\124\001\330\374\005
\261\211\241\177\164\203\232\111\327\334\116\173\212\110\157\213
\105\366
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "Entrust Root Certification Authority - G2"
# Issuer: CN=Entrust Root Certification Authority - G2,OU="(c) 2009 Entrust, Inc. - for authorized use only",OU=See www.entrust.net/legal-terms,O="Entrust, Inc.",C=US
# Serial Number: 1246989352 (0x4a538c28)
# Subject: CN=Entrust Root Certification Authority - G2,OU="(c) 2009 Entrust, Inc. - for authorized use only",OU=See www.entrust.net/legal-terms,O="Entrust, Inc.",C=US
# Not Valid Before: Tue Jul 07 17:25:54 2009
# Not Valid After : Sat Dec 07 17:55:54 2030
# Fingerprint (SHA-256): 43:DF:57:74:B0:3E:7F:EF:5F:E4:0D:93:1A:7B:ED:F1:BB:2E:6B:42:73:8C:4E:6D:38:41:10:3D:3A:A7:F3:39
@@ -25759,16 +25403,17 @@
\075\004\003\003\003\147\000\060\144\002\060\141\171\330\345\102
\107\337\034\256\123\231\027\266\157\034\175\341\277\021\224\321
\003\210\165\344\215\211\244\212\167\106\336\155\141\357\002\365
\373\265\337\314\376\116\377\376\251\346\247\002\060\133\231\327
\205\067\006\265\173\010\375\353\047\213\112\224\371\341\372\247
\216\046\010\350\174\222\150\155\163\330\157\046\254\041\002\270
\231\267\046\101\133\045\140\256\320\110\032\356\006
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "Entrust Root Certification Authority - EC1"
# Issuer: CN=Entrust Root Certification Authority - EC1,OU="(c) 2012 Entrust, Inc. - for authorized use only",OU=See www.entrust.net/legal-terms,O="Entrust, Inc.",C=US
# Serial Number:00:a6:8b:79:29:00:00:00:00:50:d0:91:f9
# Subject: CN=Entrust Root Certification Authority - EC1,OU="(c) 2012 Entrust, Inc. - for authorized use only",OU=See www.entrust.net/legal-terms,O="Entrust, Inc.",C=US
# Not Valid Before: Tue Dec 18 15:25:36 2012
# Not Valid After : Fri Dec 18 15:55:36 2037
# Fingerprint (SHA-256): 02:ED:0E:B2:8C:14:DA:45:16:5C:56:67:91:70:0D:64:51:D7:FB:56:F0:B2:AB:1D:3B:8E:B0:70:E5:6E:DF:F5
@@ -25931,16 +25576,17 @@
\110\171\140\212\303\327\023\134\370\162\100\337\112\313\317\231
\000\012\000\013\021\225\332\126\105\003\210\012\237\147\320\325
\171\261\250\215\100\155\015\302\172\100\372\363\137\144\107\222
\313\123\271\273\131\316\117\375\320\025\123\001\330\337\353\331
\346\166\357\320\043\273\073\251\171\263\325\002\051\315\211\243
\226\017\112\065\347\116\102\300\165\315\007\317\346\054\353\173
\056
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "CFCA EV ROOT"
# Issuer: CN=CFCA EV ROOT,O=China Financial Certification Authority,C=CN
# Serial Number: 407555286 (0x184accd6)
# Subject: CN=CFCA EV ROOT,O=China Financial Certification Authority,C=CN
# Not Valid Before: Wed Aug 08 03:07:01 2012
# Not Valid After : Mon Dec 31 03:07:01 2029
# Fingerprint (SHA-256): 5C:C3:D7:8E:4E:1D:5E:45:54:7A:04:E6:87:3E:64:F9:0C:F9:53:6D:1C:CC:2E:F8:00:F3:55:C4:C5:FD:70:FD
@@ -26228,16 +25874,17 @@
\245\346\025\204\067\360\302\362\145\226\222\220\167\360\255\364
\220\351\021\170\327\223\211\300\075\013\272\051\364\350\231\235
\162\216\355\235\057\356\222\175\241\361\377\135\272\063\140\205
\142\376\007\002\241\204\126\106\276\226\012\232\023\327\041\114
\267\174\007\237\116\116\077\221\164\373\047\235\021\314\335\346
\261\312\161\115\023\027\071\046\305\051\041\053\223\051\152\226
\372\253\101\341\113\266\065\013\300\233\025
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H5"
# Issuer: CN=T..RKTRUST Elektronik Sertifika Hizmet Sa..lay..c..s.. H5,O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A....,L=Ankara,C=TR
# Serial Number:00:8e:17:fe:24:20:81
# Subject: CN=T..RKTRUST Elektronik Sertifika Hizmet Sa..lay..c..s.. H5,O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A....,L=Ankara,C=TR
# Not Valid Before: Tue Apr 30 08:07:01 2013
# Not Valid After : Fri Apr 28 08:07:01 2023
# Fingerprint (SHA-256): 49:35:1B:90:34:44:C1:85:CC:DC:5C:69:3D:24:D8:55:5C:B2:08:D6:A8:14:13:07:69:9F:4A:F0:63:19:9D:78
@@ -26272,176 +25919,16 @@
\002\007\000\216\027\376\044\040\201
END
CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
#
-# Certificate "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H6"
-#
-# Issuer: CN=T..RKTRUST Elektronik Sertifika Hizmet Sa..lay..c..s.. H6,O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A....,L=Ankara,C=TR
-# Serial Number:7d:a1:f2:65:ec:8a
-# Subject: CN=T..RKTRUST Elektronik Sertifika Hizmet Sa..lay..c..s.. H6,O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A....,L=Ankara,C=TR
-# Not Valid Before: Wed Dec 18 09:04:10 2013
-# Not Valid After : Sat Dec 16 09:04:10 2023
-# Fingerprint (SHA-256): 8D:E7:86:55:E1:BE:7F:78:47:80:0B:93:F6:94:D2:1D:36:8C:C0:6E:03:3E:7F:AB:04:BB:5E:B9:9D:A6:B7:00
-# Fingerprint (SHA1): 8A:5C:8C:EE:A5:03:E6:05:56:BA:D8:1B:D4:F6:C9:B0:ED:E5:2F:E0
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H6"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\261\061\013\060\011\006\003\125\004\006\023\002\124\122
-\061\017\060\015\006\003\125\004\007\014\006\101\156\153\141\162
-\141\061\115\060\113\006\003\125\004\012\014\104\124\303\234\122
-\113\124\122\125\123\124\040\102\151\154\147\151\040\304\260\154
-\145\164\151\305\237\151\155\040\166\145\040\102\151\154\151\305
-\237\151\155\040\107\303\274\166\145\156\154\151\304\237\151\040
-\110\151\172\155\145\164\154\145\162\151\040\101\056\305\236\056
-\061\102\060\100\006\003\125\004\003\014\071\124\303\234\122\113
-\124\122\125\123\124\040\105\154\145\153\164\162\157\156\151\153
-\040\123\145\162\164\151\146\151\153\141\040\110\151\172\155\145
-\164\040\123\141\304\237\154\141\171\304\261\143\304\261\163\304
-\261\040\110\066
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\261\061\013\060\011\006\003\125\004\006\023\002\124\122
-\061\017\060\015\006\003\125\004\007\014\006\101\156\153\141\162
-\141\061\115\060\113\006\003\125\004\012\014\104\124\303\234\122
-\113\124\122\125\123\124\040\102\151\154\147\151\040\304\260\154
-\145\164\151\305\237\151\155\040\166\145\040\102\151\154\151\305
-\237\151\155\040\107\303\274\166\145\156\154\151\304\237\151\040
-\110\151\172\155\145\164\154\145\162\151\040\101\056\305\236\056
-\061\102\060\100\006\003\125\004\003\014\071\124\303\234\122\113
-\124\122\125\123\124\040\105\154\145\153\164\162\157\156\151\153
-\040\123\145\162\164\151\146\151\153\141\040\110\151\172\155\145
-\164\040\123\141\304\237\154\141\171\304\261\143\304\261\163\304
-\261\040\110\066
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\006\175\241\362\145\354\212
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\046\060\202\003\016\240\003\002\001\002\002\006\175
-\241\362\145\354\212\060\015\006\011\052\206\110\206\367\015\001
-\001\013\005\000\060\201\261\061\013\060\011\006\003\125\004\006
-\023\002\124\122\061\017\060\015\006\003\125\004\007\014\006\101
-\156\153\141\162\141\061\115\060\113\006\003\125\004\012\014\104
-\124\303\234\122\113\124\122\125\123\124\040\102\151\154\147\151
-\040\304\260\154\145\164\151\305\237\151\155\040\166\145\040\102
-\151\154\151\305\237\151\155\040\107\303\274\166\145\156\154\151
-\304\237\151\040\110\151\172\155\145\164\154\145\162\151\040\101
-\056\305\236\056\061\102\060\100\006\003\125\004\003\014\071\124
-\303\234\122\113\124\122\125\123\124\040\105\154\145\153\164\162
-\157\156\151\153\040\123\145\162\164\151\146\151\153\141\040\110
-\151\172\155\145\164\040\123\141\304\237\154\141\171\304\261\143
-\304\261\163\304\261\040\110\066\060\036\027\015\061\063\061\062
-\061\070\060\071\060\064\061\060\132\027\015\062\063\061\062\061
-\066\060\071\060\064\061\060\132\060\201\261\061\013\060\011\006
-\003\125\004\006\023\002\124\122\061\017\060\015\006\003\125\004
-\007\014\006\101\156\153\141\162\141\061\115\060\113\006\003\125
-\004\012\014\104\124\303\234\122\113\124\122\125\123\124\040\102
-\151\154\147\151\040\304\260\154\145\164\151\305\237\151\155\040
-\166\145\040\102\151\154\151\305\237\151\155\040\107\303\274\166
-\145\156\154\151\304\237\151\040\110\151\172\155\145\164\154\145
-\162\151\040\101\056\305\236\056\061\102\060\100\006\003\125\004
-\003\014\071\124\303\234\122\113\124\122\125\123\124\040\105\154
-\145\153\164\162\157\156\151\153\040\123\145\162\164\151\146\151
-\153\141\040\110\151\172\155\145\164\040\123\141\304\237\154\141
-\171\304\261\143\304\261\163\304\261\040\110\066\060\202\001\042
-\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003
-\202\001\017\000\060\202\001\012\002\202\001\001\000\235\260\150
-\326\350\275\024\226\243\000\012\232\361\364\307\314\221\115\161
-\170\167\271\367\041\046\025\163\121\026\224\011\107\005\342\063
-\365\150\232\065\377\334\113\057\062\307\260\355\342\202\345\157
-\332\332\352\254\306\006\317\045\015\101\201\366\301\070\042\275
-\371\261\245\246\263\001\274\077\120\027\053\366\351\146\125\324
-\063\263\134\370\103\040\170\223\125\026\160\031\062\346\211\327
-\144\353\275\110\120\375\366\320\101\003\302\164\267\375\366\200
-\317\133\305\253\244\326\225\022\233\347\227\023\062\003\351\324
-\253\103\133\026\355\063\042\144\051\266\322\223\255\057\154\330
-\075\266\366\035\016\064\356\322\175\251\125\017\040\364\375\051
-\273\221\133\034\175\306\102\070\155\102\050\155\324\001\373\315
-\210\227\111\176\270\363\203\370\265\230\057\263\047\013\110\136
-\126\347\116\243\063\263\104\326\245\362\030\224\355\034\036\251
-\225\134\142\112\370\015\147\121\251\257\041\325\370\062\235\171
-\272\032\137\345\004\125\115\023\106\377\362\317\164\307\032\143
-\155\303\037\027\022\303\036\020\076\140\010\263\061\002\003\001
-\000\001\243\102\060\100\060\035\006\003\125\035\016\004\026\004
-\024\335\125\027\023\366\254\350\110\041\312\357\265\257\321\000
-\062\355\236\214\265\060\016\006\003\125\035\017\001\001\377\004
-\004\003\002\001\006\060\017\006\003\125\035\023\001\001\377\004
-\005\060\003\001\001\377\060\015\006\011\052\206\110\206\367\015
-\001\001\013\005\000\003\202\001\001\000\157\130\015\227\103\252
-\026\124\076\277\251\337\222\105\077\205\013\273\126\323\014\122
-\314\310\277\166\147\136\346\252\263\247\357\271\254\264\020\024
-\015\164\176\075\155\255\321\175\320\232\251\245\312\030\073\002
-\100\056\052\234\120\024\213\376\127\176\127\134\021\011\113\066
-\105\122\367\075\254\024\375\104\337\213\227\043\324\303\301\356
-\324\123\225\376\054\112\376\015\160\252\273\213\057\055\313\062
-\243\202\362\124\337\330\362\335\327\110\162\356\112\243\051\226
-\303\104\316\156\265\222\207\166\244\273\364\222\154\316\054\024
-\011\146\216\215\255\026\265\307\033\011\141\073\343\040\242\003
-\200\216\255\176\121\000\116\307\226\206\373\103\230\167\175\050
-\307\217\330\052\156\347\204\157\227\101\051\000\026\136\115\342
-\023\352\131\300\143\147\072\104\373\230\374\004\323\060\162\246
-\366\207\011\127\255\166\246\035\143\232\375\327\145\310\170\203
-\053\165\073\245\133\270\015\135\177\276\043\256\126\125\224\130
-\357\037\201\214\052\262\315\346\233\143\236\030\274\345\153\006
-\264\013\230\113\050\136\257\210\130\313
-END
-
-# Trust for "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H6"
-# Issuer: CN=T..RKTRUST Elektronik Sertifika Hizmet Sa..lay..c..s.. H6,O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A....,L=Ankara,C=TR
-# Serial Number:7d:a1:f2:65:ec:8a
-# Subject: CN=T..RKTRUST Elektronik Sertifika Hizmet Sa..lay..c..s.. H6,O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A....,L=Ankara,C=TR
-# Not Valid Before: Wed Dec 18 09:04:10 2013
-# Not Valid After : Sat Dec 16 09:04:10 2023
-# Fingerprint (SHA-256): 8D:E7:86:55:E1:BE:7F:78:47:80:0B:93:F6:94:D2:1D:36:8C:C0:6E:03:3E:7F:AB:04:BB:5E:B9:9D:A6:B7:00
-# Fingerprint (SHA1): 8A:5C:8C:EE:A5:03:E6:05:56:BA:D8:1B:D4:F6:C9:B0:ED:E5:2F:E0
-CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H6"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\212\134\214\356\245\003\346\005\126\272\330\033\324\366\311\260
-\355\345\057\340
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\370\305\356\052\153\276\225\215\010\367\045\112\352\161\076\106
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\261\061\013\060\011\006\003\125\004\006\023\002\124\122
-\061\017\060\015\006\003\125\004\007\014\006\101\156\153\141\162
-\141\061\115\060\113\006\003\125\004\012\014\104\124\303\234\122
-\113\124\122\125\123\124\040\102\151\154\147\151\040\304\260\154
-\145\164\151\305\237\151\155\040\166\145\040\102\151\154\151\305
-\237\151\155\040\107\303\274\166\145\156\154\151\304\237\151\040
-\110\151\172\155\145\164\154\145\162\151\040\101\056\305\236\056
-\061\102\060\100\006\003\125\004\003\014\071\124\303\234\122\113
-\124\122\125\123\124\040\105\154\145\153\164\162\157\156\151\153
-\040\123\145\162\164\151\146\151\153\141\040\110\151\172\155\145
-\164\040\123\141\304\237\154\141\171\304\261\143\304\261\163\304
-\261\040\110\066
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\006\175\241\362\145\354\212
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
-CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
-
-#
# Certificate "Certinomis - Root CA"
#
# Issuer: CN=Certinomis - Root CA,OU=0002 433998903,O=Certinomis,C=FR
# Serial Number: 1 (0x1)
# Subject: CN=Certinomis - Root CA,OU=0002 433998903,O=Certinomis,C=FR
# Not Valid Before: Mon Oct 21 09:17:18 2013
# Not Valid After : Fri Oct 21 09:17:18 2033
# Fingerprint (SHA-256): 2A:99:F5:BC:11:74:B7:3C:BB:1D:62:08:84:E0:1C:34:E5:1C:CB:39:78:DA:12:5F:0E:33:26:88:83:BF:41:58
@@ -26559,16 +26046,17 @@
\307\132\141\315\217\201\140\025\115\200\335\220\342\175\304\120
\362\214\073\156\112\307\306\346\200\053\074\201\274\021\200\026
\020\047\327\360\315\077\171\314\163\052\303\176\123\221\326\156
\370\365\363\307\320\121\115\216\113\245\133\346\031\027\073\326
\201\011\334\042\334\356\216\271\304\217\123\341\147\273\063\270
\210\025\106\317\355\151\065\377\165\015\106\363\316\161\341\305
\153\206\102\006\271\101
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "Certinomis - Root CA"
# Issuer: CN=Certinomis - Root CA,OU=0002 433998903,O=Certinomis,C=FR
# Serial Number: 1 (0x1)
# Subject: CN=Certinomis - Root CA,OU=0002 433998903,O=Certinomis,C=FR
# Not Valid Before: Mon Oct 21 09:17:18 2013
# Not Valid After : Fri Oct 21 09:17:18 2033
# Fingerprint (SHA-256): 2A:99:F5:BC:11:74:B7:3C:BB:1D:62:08:84:E0:1C:34:E5:1C:CB:39:78:DA:12:5F:0E:33:26:88:83:BF:41:58
@@ -26697,16 +26185,17 @@
\265\253\226\300\264\113\242\035\227\236\172\362\156\100\161\337
\150\361\145\115\316\174\005\337\123\145\251\245\360\261\227\004
\160\025\106\003\230\324\322\277\124\264\240\130\175\122\157\332
\126\046\142\324\330\333\211\061\157\034\360\042\302\323\142\034
\065\315\114\151\025\124\032\220\230\336\353\036\137\312\167\307
\313\216\075\103\151\234\232\130\320\044\073\337\033\100\226\176
\065\255\201\307\116\161\272\210\023
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "OISTE WISeKey Global Root GB CA"
# Issuer: CN=OISTE WISeKey Global Root GB CA,OU=OISTE Foundation Endorsed,O=WISeKey,C=CH
# Serial Number:76:b1:20:52:74:f0:85:87:46:b3:f8:23:1a:f6:c2:c0
# Subject: CN=OISTE WISeKey Global Root GB CA,OU=OISTE Foundation Endorsed,O=WISeKey,C=CH
# Not Valid Before: Mon Dec 01 15:00:32 2014
# Not Valid After : Thu Dec 01 15:10:31 2039
# Fingerprint (SHA-256): 6B:9C:08:E8:6E:B0:F7:67:CF:AD:65:CD:98:B6:21:49:E5:49:4A:67:F5:84:5E:7B:D1:ED:01:9F:27:B8:6B:D6
@@ -26831,16 +26320,17 @@
\171\266\063\131\272\017\304\013\342\160\240\113\170\056\372\310
\237\375\257\221\145\012\170\070\025\345\227\027\024\335\371\340
\054\064\370\070\320\204\042\000\300\024\121\030\053\002\334\060
\132\360\350\001\174\065\072\043\257\010\344\257\252\216\050\102
\111\056\360\365\231\064\276\355\017\113\030\341\322\044\074\273
\135\107\267\041\362\215\321\012\231\216\343\156\076\255\160\340
\217\271\312\314\156\201\061\366\173\234\172\171\344\147\161\030
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "Certification Authority of WoSign G2"
# Issuer: CN=Certification Authority of WoSign G2,O=WoSign CA Limited,C=CN
# Serial Number:6b:25:da:8a:88:9d:7c:bc:0f:05:b3:b1:7a:61:45:44
# Subject: CN=Certification Authority of WoSign G2,O=WoSign CA Limited,C=CN
# Not Valid Before: Sat Nov 08 00:58:58 2014
# Not Valid After : Tue Nov 08 00:58:58 2044
# Fingerprint (SHA-256): D4:87:A5:6F:83:B0:74:82:E8:5E:96:33:94:C1:EC:C2:C9:E5:1D:09:03:EE:94:6B:02:C3:01:58:1E:D9:9E:16
@@ -26939,16 +26429,17 @@
\004\003\003\003\150\000\060\145\002\061\000\344\244\204\260\201
\325\075\260\164\254\224\244\350\016\075\000\164\114\241\227\153
\371\015\121\074\241\331\073\364\015\253\251\237\276\116\162\312
\205\324\331\354\265\062\105\030\157\253\255\002\060\175\307\367
\151\143\057\241\341\230\357\023\020\321\171\077\321\376\352\073
\177\336\126\364\220\261\025\021\330\262\042\025\320\057\303\046
\056\153\361\221\262\220\145\364\232\346\220\356\112
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "CA WoSign ECC Root"
# Issuer: CN=CA WoSign ECC Root,O=WoSign CA Limited,C=CN
# Serial Number:68:4a:58:70:80:6b:f0:8f:02:fa:f6:de:e8:b0:90:90
# Subject: CN=CA WoSign ECC Root,O=WoSign CA Limited,C=CN
# Not Valid Before: Sat Nov 08 00:58:58 2014
# Not Valid After : Tue Nov 08 00:58:58 2044
# Fingerprint (SHA-256): 8B:45:DA:1C:06:F7:91:EB:0C:AB:F2:6B:E5:88:F5:FB:23:16:5C:2E:61:4B:F8:85:56:2D:0D:CE:50:B2:9B:02
@@ -27071,16 +26562,17 @@
\322\324\141\372\325\025\333\327\237\207\121\124\353\245\343\353
\311\205\240\045\040\067\373\216\316\014\064\204\341\074\201\262
\167\116\103\245\210\137\206\147\241\075\346\264\134\141\266\076
\333\376\267\050\305\242\007\256\265\312\312\215\052\022\357\227
\355\302\060\244\311\052\172\373\363\115\043\033\231\063\064\240
\056\365\251\013\077\324\135\341\317\204\237\342\031\302\137\212
\326\040\036\343\163\267
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "SZAFIR ROOT CA2"
# Issuer: CN=SZAFIR ROOT CA2,O=Krajowa Izba Rozliczeniowa S.A.,C=PL
# Serial Number:3e:8a:5d:07:ec:55:d2:32:d5:b7:e3:b6:5f:01:eb:2d:dc:e4:d6:e4
# Subject: CN=SZAFIR ROOT CA2,O=Krajowa Izba Rozliczeniowa S.A.,C=PL
# Not Valid Before: Mon Oct 19 07:43:30 2015
# Not Valid After : Fri Oct 19 07:43:30 2035
# Fingerprint (SHA-256): A1:33:9D:33:28:1A:0B:56:E5:57:D3:D3:2B:1C:E7:F9:36:7E:B0:94:BD:5F:A7:2A:7E:50:04:C8:DE:D7:CA:FE
@@ -27248,16 +26740,17 @@
\134\002\312\054\330\157\112\007\331\311\065\332\100\165\362\304
\247\031\157\236\102\020\230\165\346\225\213\140\274\355\305\022
\327\212\316\325\230\134\126\226\003\305\356\167\006\065\377\317
\344\356\077\023\141\356\333\332\055\205\360\315\256\235\262\030
\011\105\303\222\241\162\027\374\107\266\240\013\054\361\304\336
\103\150\010\152\137\073\360\166\143\373\314\006\054\246\306\342
\016\265\271\276\044\217
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "Certum Trusted Network CA 2"
# Issuer: CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL
# Serial Number:21:d6:d0:4a:4f:25:0f:c9:32:37:fc:aa:5e:12:8d:e9
# Subject: CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL
# Not Valid Before: Thu Oct 06 08:39:56 2011
# Not Valid After : Sat Oct 06 08:39:56 2046
# Fingerprint (SHA-256): B6:76:F2:ED:DA:E8:77:5C:D3:6C:B0:F6:3C:D1:D4:60:39:61:F4:9E:62:65:BA:01:3A:2F:03:07:B6:D0:B8:04
@@ -27434,16 +26927,17 @@
\245\314\073\330\167\067\060\242\117\331\157\321\362\100\255\101
\172\027\305\326\112\065\211\267\101\325\174\206\177\125\115\203
\112\245\163\040\300\072\257\220\361\232\044\216\331\216\161\312
\173\270\206\332\262\217\231\076\035\023\015\022\021\356\324\253
\360\351\025\166\002\344\340\337\252\040\036\133\141\205\144\100
\251\220\227\015\255\123\322\132\035\207\152\000\227\145\142\264
\276\157\152\247\365\054\102\355\062\255\266\041\236\276\274
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "Hellenic Academic and Research Institutions RootCA 2015"
# Issuer: CN=Hellenic Academic and Research Institutions RootCA 2015,O=Hellenic Academic and Research Institutions Cert. Authority,L=Athens,C=GR
# Serial Number: 0 (0x0)
# Subject: CN=Hellenic Academic and Research Institutions RootCA 2015,O=Hellenic Academic and Research Institutions Cert. Authority,L=Athens,C=GR
# Not Valid Before: Tue Jul 07 10:11:21 2015
# Not Valid After : Sat Jun 30 10:11:21 2040
# Fingerprint (SHA-256): A0:40:92:9A:02:CE:53:B4:AC:F4:F2:FF:C6:98:1C:E4:49:6F:75:5E:6D:45:FE:0B:2A:69:2B:CD:52:52:3F:36
@@ -27569,16 +27063,17 @@
\000\060\144\002\060\147\316\026\142\070\242\254\142\105\247\251
\225\044\300\032\047\234\062\073\300\300\325\272\251\347\370\004
\103\123\205\356\122\041\336\235\365\045\203\076\236\130\113\057
\327\147\023\016\041\002\060\005\341\165\001\336\150\355\052\037
\115\114\011\010\015\354\113\255\144\027\050\347\165\316\105\145
\162\041\027\313\042\101\016\214\023\230\070\232\124\155\233\312
\342\174\352\002\130\042\221
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "Hellenic Academic and Research Institutions ECC RootCA 2015"
# Issuer: CN=Hellenic Academic and Research Institutions ECC RootCA 2015,O=Hellenic Academic and Research Institutions Cert. Authority,L=Athens,C=GR
# Serial Number: 0 (0x0)
# Subject: CN=Hellenic Academic and Research Institutions ECC RootCA 2015,O=Hellenic Academic and Research Institutions Cert. Authority,L=Athens,C=GR
# Not Valid Before: Tue Jul 07 10:37:12 2015
# Not Valid After : Sat Jun 30 10:37:12 2040
# Fingerprint (SHA-256): 44:B5:45:AA:8A:25:E6:5A:73:CA:15:DC:27:FC:36:D2:4C:1C:B9:95:3A:06:65:39:B1:15:82:DC:48:7B:48:33
@@ -27733,16 +27228,17 @@
\040\222\334\102\204\277\001\253\207\300\325\040\202\333\306\271
\203\205\102\134\017\103\073\152\111\065\325\230\364\025\277\372
\141\201\014\011\040\030\322\320\027\014\313\110\000\120\351\166
\202\214\144\327\072\240\007\125\314\036\061\300\357\072\264\145
\373\343\277\102\153\236\017\250\275\153\230\334\330\333\313\213
\244\335\327\131\364\156\335\376\252\303\221\320\056\102\007\300
\014\115\123\315\044\261\114\133\036\121\364\337\351\222\372
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "Certplus Root CA G1"
# Issuer: CN=Certplus Root CA G1,O=Certplus,C=FR
# Serial Number:11:20:55:83:e4:2d:3e:54:56:85:2d:83:37:b7:2c:dc:46:11
# Subject: CN=Certplus Root CA G1,O=Certplus,C=FR
# Not Valid Before: Mon May 26 00:00:00 2014
# Not Valid After : Fri Jan 15 00:00:00 2038
# Fingerprint (SHA-256): 15:2A:40:2B:FC:DF:2C:D5:48:05:4D:22:75:B3:9C:7F:CA:3E:C0:97:80:78:B0:F0:EA:76:E5:61:A6:C7:43:3E
@@ -27838,16 +27334,17 @@
\110\316\075\004\003\003\003\150\000\060\145\002\060\160\376\260
\013\331\367\203\227\354\363\125\035\324\334\263\006\016\376\063
\230\235\213\071\220\153\224\041\355\266\327\135\326\114\327\041
\247\347\277\041\017\053\315\367\052\334\205\007\235\002\061\000
\206\024\026\345\334\260\145\302\300\216\024\237\277\044\026\150
\345\274\371\171\151\334\255\105\053\367\266\061\163\314\006\245
\123\223\221\032\223\256\160\152\147\272\327\236\345\141\032\137
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "Certplus Root CA G2"
# Issuer: CN=Certplus Root CA G2,O=Certplus,C=FR
# Serial Number:11:20:d9:91:ce:ae:a3:e8:c5:e7:ff:e9:02:af:cf:73:bc:55
# Subject: CN=Certplus Root CA G2,O=Certplus,C=FR
# Not Valid Before: Mon May 26 00:00:00 2014
# Not Valid After : Fri Jan 15 00:00:00 2038
# Fingerprint (SHA-256): 6C:C0:50:41:E6:44:5E:74:69:6C:4C:FB:C9:F8:0F:54:3B:7E:AB:BB:44:B4:CE:6F:78:7C:6A:99:71:C4:2F:17
@@ -27999,16 +27496,17 @@
\076\355\154\275\375\016\235\146\163\260\075\264\367\277\250\340
\021\244\304\256\165\011\112\143\000\110\040\246\306\235\013\011
\212\264\340\346\316\076\307\076\046\070\351\053\336\246\010\111
\003\004\220\212\351\217\277\350\266\264\052\243\043\215\034\034
\262\071\222\250\217\002\134\100\071\165\324\163\101\002\167\336
\315\340\103\207\326\344\272\112\303\154\022\177\376\052\346\043
\326\214\161
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "OpenTrust Root CA G1"
# Issuer: CN=OpenTrust Root CA G1,O=OpenTrust,C=FR
# Serial Number:11:20:b3:90:55:39:7d:7f:36:6d:64:c2:a7:9f:6b:63:8e:67
# Subject: CN=OpenTrust Root CA G1,O=OpenTrust,C=FR
# Not Valid Before: Mon May 26 08:45:50 2014
# Not Valid After : Fri Jan 15 00:00:00 2038
# Fingerprint (SHA-256): 56:C7:71:28:D9:8C:18:D9:1B:4C:FD:FF:BC:25:EE:91:03:D4:75:8E:A2:AB:AD:82:6A:90:F3:45:7D:46:0E:B4
@@ -28161,16 +27659,17 @@
\210\335\147\023\157\035\150\044\213\117\267\164\201\345\364\140
\237\172\125\327\076\067\332\026\153\076\167\254\256\030\160\225
\010\171\051\003\212\376\301\073\263\077\032\017\244\073\136\037
\130\241\225\311\253\057\163\112\320\055\156\232\131\017\125\030
\170\055\074\121\246\227\213\346\273\262\160\252\114\021\336\377
\174\053\067\324\172\321\167\064\217\347\371\102\367\074\201\014
\113\122\012
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "OpenTrust Root CA G2"
# Issuer: CN=OpenTrust Root CA G2,O=OpenTrust,C=FR
# Serial Number:11:20:a1:69:1b:bf:bd:b9:bd:52:96:8f:23:e8:48:bf:26:11
# Subject: CN=OpenTrust Root CA G2,O=OpenTrust,C=FR
# Not Valid Before: Mon May 26 00:00:00 2014
# Not Valid After : Fri Jan 15 00:00:00 2038
# Fingerprint (SHA-256): 27:99:58:29:FE:6A:75:15:C1:BF:E8:48:F9:C4:76:1D:B1:6C:22:59:29:25:7B:F4:0D:08:94:F2:9E:A8:BA:F2
@@ -28270,16 +27769,17 @@
\061\000\217\250\334\235\272\014\004\027\372\025\351\075\057\051
\001\227\277\201\026\063\100\223\154\374\371\355\200\160\157\252
\217\333\204\302\213\365\065\312\006\334\144\157\150\026\341\217
\221\271\002\061\000\330\113\245\313\302\320\010\154\351\030\373
\132\335\115\137\044\013\260\000\041\045\357\217\247\004\046\161
\342\174\151\345\135\232\370\101\037\073\071\223\223\235\125\352
\315\215\361\373\301
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "OpenTrust Root CA G3"
# Issuer: CN=OpenTrust Root CA G3,O=OpenTrust,C=FR
# Serial Number:11:20:e6:f8:4c:fc:24:b0:be:05:40:ac:da:83:1b:34:60:3f
# Subject: CN=OpenTrust Root CA G3,O=OpenTrust,C=FR
# Not Valid Before: Mon May 26 00:00:00 2014
# Not Valid After : Fri Jan 15 00:00:00 2038
# Fingerprint (SHA-256): B7:C3:62:31:70:6E:81:07:8C:36:7C:B8:96:19:8F:1E:32:08:DD:92:69:49:DD:8F:57:09:A4:10:F7:5B:62:92
@@ -28433,16 +27933,17 @@
\242\320\141\070\341\226\270\254\135\213\067\327\165\325\063\300
\231\021\256\235\101\301\162\165\204\276\002\101\102\137\147\044
\110\224\321\233\047\276\007\077\271\270\117\201\164\121\341\172
\267\355\235\043\342\276\340\325\050\004\023\074\061\003\236\335
\172\154\217\306\007\030\306\177\336\107\216\077\050\236\004\006
\317\245\124\064\167\275\354\211\233\351\027\103\337\133\333\137
\376\216\036\127\242\315\100\235\176\142\042\332\336\030\047
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "ISRG Root X1"
# Issuer: CN=ISRG Root X1,O=Internet Security Research Group,C=US
# Serial Number:00:82:10:cf:b0:d2:40:e3:59:44:63:e0:bb:63:82:8b:00
# Subject: CN=ISRG Root X1,O=Internet Security Research Group,C=US
# Not Valid Before: Thu Jun 04 11:04:38 2015
# Not Valid After : Mon Jun 04 11:04:38 2035
# Fingerprint (SHA-256): 96:BC:EC:06:26:49:76:F3:74:60:77:9A:CF:28:C5:A7:CF:E8:A3:C0:AA:E1:1A:8F:FC:EE:05:C0:BD:DF:08:C6
@@ -28595,16 +28096,17 @@
\152\260\272\061\222\102\100\152\276\072\323\162\341\152\067\125
\274\254\035\225\267\151\141\362\103\221\164\346\240\323\012\044
\106\241\010\257\326\332\105\031\226\324\123\035\133\204\171\360
\300\367\107\357\213\217\305\006\256\235\114\142\235\377\106\004
\370\323\311\266\020\045\100\165\376\026\252\311\112\140\206\057
\272\357\060\167\344\124\342\270\204\231\130\200\252\023\213\121
\072\117\110\366\213\266\263
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "AC RAIZ FNMT-RCM"
# Issuer: OU=AC RAIZ FNMT-RCM,O=FNMT-RCM,C=ES
# Serial Number:5d:93:8d:30:67:36:c8:06:1d:1a:c7:54:84:69:07
# Subject: OU=AC RAIZ FNMT-RCM,O=FNMT-RCM,C=ES
# Not Valid Before: Wed Oct 29 15:59:56 2008
# Not Valid After : Tue Jan 01 00:00:00 2030
# Fingerprint (SHA-256): EB:C5:57:0C:29:01:8C:4D:67:B1:AA:12:7B:AF:12:F7:03:B4:61:1E:BC:17:B7:DA:B5:57:38:94:17:9B:93:FA
@@ -28719,16 +28221,17 @@
\331\017\110\160\232\331\165\170\161\321\162\103\064\165\156\127
\131\302\002\134\046\140\051\317\043\031\026\216\210\103\245\324
\344\313\010\373\043\021\103\350\103\051\162\142\241\251\135\136
\010\324\220\256\270\330\316\024\302\320\125\362\206\366\304\223
\103\167\146\141\300\271\350\101\327\227\170\140\003\156\112\162
\256\245\321\175\272\020\236\206\154\033\212\271\131\063\370\353
\304\220\276\361\271
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "Amazon Root CA 1"
# Issuer: CN=Amazon Root CA 1,O=Amazon,C=US
# Serial Number:06:6c:9f:cf:99:bf:8c:0a:39:e2:f0:78:8a:43:e6:96:36:5b:ca
# Subject: CN=Amazon Root CA 1,O=Amazon,C=US
# Not Valid Before: Tue May 26 00:00:00 2015
# Not Valid After : Sun Jan 17 00:00:00 2038
# Fingerprint (SHA-256): 8E:CD:E6:88:4F:3D:87:B1:12:5B:A3:1A:C3:FC:B1:3D:70:16:DE:7F:57:CC:90:4F:E1:CB:97:C6:AE:98:19:6E
@@ -28875,16 +28378,17 @@
\357\242\245\134\214\167\051\247\150\300\153\256\100\322\250\264
\352\315\360\215\113\070\234\031\232\033\050\124\270\211\220\357
\312\165\201\076\036\362\144\044\307\030\257\116\377\107\236\007
\366\065\145\244\323\012\126\377\365\027\144\154\357\250\042\045
\111\223\266\337\000\027\332\130\176\135\356\305\033\260\321\321
\137\041\020\307\371\363\272\002\012\047\007\305\361\326\307\323
\340\373\011\140\154
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "Amazon Root CA 2"
# Issuer: CN=Amazon Root CA 2,O=Amazon,C=US
# Serial Number:06:6c:9f:d2:96:35:86:9f:0a:0f:e5:86:78:f8:5b:26:bb:8a:37
# Subject: CN=Amazon Root CA 2,O=Amazon,C=US
# Not Valid Before: Tue May 26 00:00:00 2015
# Not Valid After : Sat May 26 00:00:00 2040
# Fingerprint (SHA-256): 1B:A5:B2:AA:8C:65:40:1A:82:96:01:18:F8:0B:EC:4F:62:30:4D:83:CE:C4:71:3A:19:C3:9C:01:1E:A4:6D:B4
@@ -28974,16 +28478,17 @@
\266\333\327\006\236\067\254\060\206\007\221\160\307\234\304\031
\261\170\300\060\012\006\010\052\206\110\316\075\004\003\002\003
\111\000\060\106\002\041\000\340\205\222\243\027\267\215\371\053
\006\245\223\254\032\230\150\141\162\372\341\241\320\373\034\170
\140\246\103\231\305\270\304\002\041\000\234\002\357\361\224\234
\263\226\371\353\306\052\370\266\054\376\072\220\024\026\327\214
\143\044\110\034\337\060\175\325\150\073
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "Amazon Root CA 3"
# Issuer: CN=Amazon Root CA 3,O=Amazon,C=US
# Serial Number:06:6c:9f:d5:74:97:36:66:3f:3b:0b:9a:d9:e8:9e:76:03:f2:4a
# Subject: CN=Amazon Root CA 3,O=Amazon,C=US
# Not Valid Before: Tue May 26 00:00:00 2015
# Not Valid After : Sat May 26 00:00:00 2040
# Fingerprint (SHA-256): 18:CE:6C:FE:7B:F1:4E:60:B2:E3:47:B8:DF:E8:68:CB:31:D0:2E:BB:3A:DA:27:15:69:F5:03:43:B4:6D:B3:A4
@@ -29077,16 +28582,17 @@
\145\002\060\072\213\041\361\275\176\021\255\320\357\130\226\057
\326\353\235\176\220\215\053\317\146\125\303\054\343\050\251\160
\012\107\016\360\067\131\022\377\055\231\224\050\116\052\117\065
\115\063\132\002\061\000\352\165\000\116\073\304\072\224\022\221
\311\130\106\235\041\023\162\247\210\234\212\344\114\112\333\226
\324\254\213\153\153\111\022\123\063\255\327\344\276\044\374\265
\012\166\324\245\274\020
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "Amazon Root CA 4"
# Issuer: CN=Amazon Root CA 4,O=Amazon,C=US
# Serial Number:06:6c:9f:d7:c1:bb:10:4c:29:43:e5:71:7b:7b:2c:c8:1a:c1:0e
# Subject: CN=Amazon Root CA 4,O=Amazon,C=US
# Not Valid Before: Tue May 26 00:00:00 2015
# Not Valid After : Sat May 26 00:00:00 2040
# Fingerprint (SHA-256): E3:5D:28:41:9E:D0:20:25:CF:A6:90:38:CD:62:39:62:45:8D:A5:C6:95:FB:DE:A3:C2:2B:0B:FB:25:89:70:92
@@ -29243,16 +28749,17 @@
\105\111\231\164\221\260\004\157\343\004\132\261\253\052\253\376
\307\320\226\266\332\341\112\144\006\156\140\115\275\102\116\377
\170\332\044\312\033\264\327\226\071\154\256\361\016\252\247\175
\110\213\040\114\317\144\326\270\227\106\260\116\321\052\126\072
\240\223\275\257\200\044\340\012\176\347\312\325\312\350\205\125
\334\066\052\341\224\150\223\307\146\162\104\017\200\041\062\154
\045\307\043\200\203\012\353
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "LuxTrust Global Root 2"
# Issuer: CN=LuxTrust Global Root 2,O=LuxTrust S.A.,C=LU
# Serial Number:0a:7e:a6:df:4b:44:9e:da:6a:24:85:9e:e6:b8:15:d3:16:7f:bb:b1
# Subject: CN=LuxTrust Global Root 2,O=LuxTrust S.A.,C=LU
# Not Valid Before: Thu Mar 05 13:21:57 2015
# Not Valid After : Mon Mar 05 13:21:57 2035
# Fingerprint (SHA-256): 54:45:5F:71:29:C2:0B:14:47:C4:18:F9:97:16:8F:24:C5:8F:C5:02:3B:F5:DA:5B:E2:EB:6E:1D:D8:90:2E:D5
@@ -29391,16 +28898,17 @@
\347\066\321\041\150\113\055\070\346\123\256\034\045\126\010\126
\003\147\204\235\306\303\316\044\142\307\114\066\317\260\006\104
\267\365\137\002\335\331\124\351\057\220\116\172\310\116\203\100
\014\232\227\074\067\277\277\354\366\360\264\205\167\050\301\013
\310\147\202\020\027\070\242\267\006\352\233\277\072\370\351\043
\007\277\164\340\230\070\025\125\170\356\162\000\134\031\243\364
\322\063\340\377\275\321\124\071\051\017
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "Symantec Class 1 Public Primary Certification Authority - G6"
# Issuer: CN=Symantec Class 1 Public Primary Certification Authority - G6,OU=Symantec Trust Network,O=Symantec Corporation,C=US
# Serial Number:24:32:75:f2:1d:2f:d2:09:33:f7:b4:6a:ca:d0:f3:98
# Subject: CN=Symantec Class 1 Public Primary Certification Authority - G6,OU=Symantec Trust Network,O=Symantec Corporation,C=US
# Not Valid Before: Tue Oct 18 00:00:00 2011
# Not Valid After : Tue Dec 01 23:59:59 2037
# Fingerprint (SHA-256): 9D:19:0B:2E:31:45:66:68:5B:E8:A8:89:E2:7A:A8:C7:D7:AE:1D:8A:AD:DB:A3:C1:EC:F9:D2:48:63:CD:34:B9
@@ -29544,16 +29052,17 @@
\111\315\245\243\214\151\171\045\256\270\114\154\213\100\146\113
\026\077\317\002\032\335\341\154\153\007\141\152\166\025\051\231
\177\033\335\210\200\301\277\265\217\163\305\246\226\043\204\246
\050\206\044\063\152\001\056\127\163\045\266\136\277\217\346\035
\141\250\100\051\147\035\207\233\035\177\233\237\231\315\061\326
\124\276\142\273\071\254\150\022\110\221\040\245\313\261\335\376
\157\374\132\344\202\125\131\257\061\251
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "Symantec Class 2 Public Primary Certification Authority - G6"
# Issuer: CN=Symantec Class 2 Public Primary Certification Authority - G6,OU=Symantec Trust Network,O=Symantec Corporation,C=US
# Serial Number:64:82:9e:fc:37:1e:74:5d:fc:97:ff:97:c8:b1:ff:41
# Subject: CN=Symantec Class 2 Public Primary Certification Authority - G6,OU=Symantec Trust Network,O=Symantec Corporation,C=US
# Not Valid Before: Tue Oct 18 00:00:00 2011
# Not Valid After : Tue Dec 01 23:59:59 2037
# Fingerprint (SHA-256): CB:62:7D:18:B5:8A:D5:6D:DE:33:1A:30:45:6B:C6:5C:60:1A:4E:9B:18:DE:DC:EA:08:E7:DA:AA:07:81:5F:F0
@@ -29676,16 +29185,17 @@
\003\003\151\000\060\146\002\061\000\245\256\343\106\123\370\230
\066\343\042\372\056\050\111\015\356\060\176\063\363\354\077\161
\136\314\125\211\170\231\254\262\375\334\034\134\063\216\051\271
\153\027\310\021\150\265\334\203\007\002\061\000\234\310\104\332
\151\302\066\303\124\031\020\205\002\332\235\107\357\101\347\154
\046\235\011\075\367\155\220\321\005\104\057\260\274\203\223\150
\362\014\105\111\071\277\231\004\034\323\020\240
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "Symantec Class 1 Public Primary Certification Authority - G4"
# Issuer: CN=Symantec Class 1 Public Primary Certification Authority - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US
# Serial Number:21:6e:33:a5:cb:d3:88:a4:6f:29:07:b4:27:3c:c4:d8
# Subject: CN=Symantec Class 1 Public Primary Certification Authority - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US
# Not Valid Before: Wed Oct 05 00:00:00 2011
# Not Valid After : Mon Jan 18 23:59:59 2038
# Fingerprint (SHA-256): 36:3F:3C:84:9E:AB:03:B0:A2:A0:F6:36:D7:B8:6D:04:D3:AC:7F:CF:E2:6A:0A:91:21:AB:97:95:F6:E1:76:DF
@@ -29808,16 +29318,17 @@
\003\003\151\000\060\146\002\061\000\310\246\251\257\101\177\265
\311\021\102\026\150\151\114\134\270\047\030\266\230\361\300\177
\220\155\207\323\214\106\027\360\076\117\374\352\260\010\304\172
\113\274\010\057\307\342\247\157\145\002\061\000\326\131\336\206
\316\137\016\312\124\325\306\320\025\016\374\213\224\162\324\216
\000\130\123\317\176\261\113\015\345\120\206\353\236\153\337\377
\051\246\330\107\331\240\226\030\333\362\105\263
END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
# Trust for "Symantec Class 2 Public Primary Certification Authority - G4"
# Issuer: CN=Symantec Class 2 Public Primary Certification Authority - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US
# Serial Number:34:17:65:12:40:3b:b7:56:80:2d:80:cb:79:55:a6:1e
# Subject: CN=Symantec Class 2 Public Primary Certification Authority - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US
# Not Valid Before: Wed Oct 05 00:00:00 2011
# Not Valid After : Mon Jan 18 23:59:59 2038
# Fingerprint (SHA-256): FE:86:3D:08:22:FE:7A:23:53:FA:48:4D:59:24:E8:75:65:6D:3D:C9:FB:58:77:1F:6F:61:6F:9D:57:1B:C5:92
@@ -29849,8 +29360,318 @@
CKA_SERIAL_NUMBER MULTILINE_OCTAL
\002\020\064\027\145\022\100\073\267\126\200\055\200\313\171\125
\246\036
END
CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "D-TRUST Root CA 3 2013"
+#
+# Issuer: CN=D-TRUST Root CA 3 2013,O=D-Trust GmbH,C=DE
+# Serial Number: 1039788 (0xfddac)
+# Subject: CN=D-TRUST Root CA 3 2013,O=D-Trust GmbH,C=DE
+# Not Valid Before: Fri Sep 20 08:25:51 2013
+# Not Valid After : Wed Sep 20 08:25:51 2028
+# Fingerprint (SHA-256): A1:A8:6D:04:12:1E:B8:7F:02:7C:66:F5:33:03:C2:8E:57:39:F9:43:FC:84:B3:8A:D6:AF:00:90:35:DD:94:57
+# Fingerprint (SHA1): 6C:7C:CC:E7:D4:AE:51:5F:99:08:CD:3F:F6:E8:C3:78:DF:6F:EF:97
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "D-TRUST Root CA 3 2013"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\105\061\013\060\011\006\003\125\004\006\023\002\104\105\061
+\025\060\023\006\003\125\004\012\014\014\104\055\124\162\165\163
+\164\040\107\155\142\110\061\037\060\035\006\003\125\004\003\014
+\026\104\055\124\122\125\123\124\040\122\157\157\164\040\103\101
+\040\063\040\062\060\061\063
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\105\061\013\060\011\006\003\125\004\006\023\002\104\105\061
+\025\060\023\006\003\125\004\012\014\014\104\055\124\162\165\163
+\164\040\107\155\142\110\061\037\060\035\006\003\125\004\003\014
+\026\104\055\124\122\125\123\124\040\122\157\157\164\040\103\101
+\040\063\040\062\060\061\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\003\017\335\254
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\016\060\202\002\366\240\003\002\001\002\002\003\017
+\335\254\060\015\006\011\052\206\110\206\367\015\001\001\013\005
+\000\060\105\061\013\060\011\006\003\125\004\006\023\002\104\105
+\061\025\060\023\006\003\125\004\012\014\014\104\055\124\162\165
+\163\164\040\107\155\142\110\061\037\060\035\006\003\125\004\003
+\014\026\104\055\124\122\125\123\124\040\122\157\157\164\040\103
+\101\040\063\040\062\060\061\063\060\036\027\015\061\063\060\071
+\062\060\060\070\062\065\065\061\132\027\015\062\070\060\071\062
+\060\060\070\062\065\065\061\132\060\105\061\013\060\011\006\003
+\125\004\006\023\002\104\105\061\025\060\023\006\003\125\004\012
+\014\014\104\055\124\162\165\163\164\040\107\155\142\110\061\037
+\060\035\006\003\125\004\003\014\026\104\055\124\122\125\123\124
+\040\122\157\157\164\040\103\101\040\063\040\062\060\061\063\060
+\202\001\042\060\015\006\011\052\206\110\206\367\015\001\001\001
+\005\000\003\202\001\017\000\060\202\001\012\002\202\001\001\000
+\304\173\102\222\202\037\354\355\124\230\216\022\300\312\011\337
+\223\156\072\223\134\033\344\020\167\236\116\151\210\154\366\341
+\151\362\366\233\242\141\261\275\007\040\164\230\145\361\214\046
+\010\315\250\065\312\200\066\321\143\155\350\104\172\202\303\154
+\136\336\273\350\066\322\304\150\066\214\237\062\275\204\042\340
+\334\302\356\020\106\071\155\257\223\071\256\207\346\303\274\011
+\311\054\153\147\133\331\233\166\165\114\013\340\273\305\327\274
+\076\171\362\137\276\321\220\127\371\256\366\146\137\061\277\323
+\155\217\247\272\112\363\043\145\273\267\357\243\045\327\012\352
+\130\266\357\210\372\372\171\262\122\130\325\360\254\214\241\121
+\164\051\225\252\121\073\220\062\003\237\034\162\164\220\336\075
+\355\141\322\345\343\375\144\107\345\271\267\112\251\367\037\256
+\226\206\004\254\057\343\244\201\167\267\132\026\377\330\017\077
+\366\267\170\314\244\257\372\133\074\022\133\250\122\211\162\357
+\210\363\325\104\201\206\225\043\237\173\335\274\331\064\357\174
+\224\074\252\300\101\302\343\235\120\032\300\344\031\042\374\263
+\002\003\001\000\001\243\202\001\005\060\202\001\001\060\017\006
+\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060\035
+\006\003\125\035\016\004\026\004\024\077\220\310\175\307\025\157
+\363\044\217\251\303\057\113\242\017\041\262\057\347\060\016\006
+\003\125\035\017\001\001\377\004\004\003\002\001\006\060\201\276
+\006\003\125\035\037\004\201\266\060\201\263\060\164\240\162\240
+\160\206\156\154\144\141\160\072\057\057\144\151\162\145\143\164
+\157\162\171\056\144\055\164\162\165\163\164\056\156\145\164\057
+\103\116\075\104\055\124\122\125\123\124\045\062\060\122\157\157
+\164\045\062\060\103\101\045\062\060\063\045\062\060\062\060\061
+\063\054\117\075\104\055\124\162\165\163\164\045\062\060\107\155
+\142\110\054\103\075\104\105\077\143\145\162\164\151\146\151\143
+\141\164\145\162\145\166\157\143\141\164\151\157\156\154\151\163
+\164\060\073\240\071\240\067\206\065\150\164\164\160\072\057\057
+\143\162\154\056\144\055\164\162\165\163\164\056\156\145\164\057
+\143\162\154\057\144\055\164\162\165\163\164\137\162\157\157\164
+\137\143\141\137\063\137\062\060\061\063\056\143\162\154\060\015
+\006\011\052\206\110\206\367\015\001\001\013\005\000\003\202\001
+\001\000\016\131\016\130\344\164\110\043\104\317\064\041\265\234
+\024\032\255\232\113\267\263\210\155\134\251\027\160\360\052\237
+\215\173\371\173\205\372\307\071\350\020\010\260\065\053\137\317
+\002\322\323\234\310\013\036\356\005\124\256\067\223\004\011\175
+\154\217\302\164\274\370\034\224\276\061\001\100\055\363\044\040
+\267\204\125\054\134\310\365\164\112\020\031\213\243\307\355\065
+\326\011\110\323\016\300\272\071\250\260\106\002\260\333\306\210
+\131\302\276\374\173\261\053\317\176\142\207\125\226\314\001\157
+\233\147\041\225\065\213\370\020\374\161\033\267\113\067\151\246
+\073\326\354\213\356\301\260\363\045\311\217\222\175\241\352\303
+\312\104\277\046\245\164\222\234\343\164\353\235\164\331\313\115
+\207\330\374\264\151\154\213\240\103\007\140\170\227\351\331\223
+\174\302\106\274\233\067\122\243\355\212\074\023\251\173\123\113
+\111\232\021\005\054\013\156\126\254\037\056\202\154\340\151\147
+\265\016\155\055\331\344\300\025\361\077\372\030\162\341\025\155
+\047\133\055\060\050\053\237\110\232\144\053\231\357\362\165\111
+\137\134
+END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
+
+# Trust for "D-TRUST Root CA 3 2013"
+# Issuer: CN=D-TRUST Root CA 3 2013,O=D-Trust GmbH,C=DE
+# Serial Number: 1039788 (0xfddac)
+# Subject: CN=D-TRUST Root CA 3 2013,O=D-Trust GmbH,C=DE
+# Not Valid Before: Fri Sep 20 08:25:51 2013
+# Not Valid After : Wed Sep 20 08:25:51 2028
+# Fingerprint (SHA-256): A1:A8:6D:04:12:1E:B8:7F:02:7C:66:F5:33:03:C2:8E:57:39:F9:43:FC:84:B3:8A:D6:AF:00:90:35:DD:94:57
+# Fingerprint (SHA1): 6C:7C:CC:E7:D4:AE:51:5F:99:08:CD:3F:F6:E8:C3:78:DF:6F:EF:97
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "D-TRUST Root CA 3 2013"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\154\174\314\347\324\256\121\137\231\010\315\077\366\350\303\170
+\337\157\357\227
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\267\042\146\230\176\326\003\340\301\161\346\165\315\126\105\277
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\105\061\013\060\011\006\003\125\004\006\023\002\104\105\061
+\025\060\023\006\003\125\004\012\014\014\104\055\124\162\165\163
+\164\040\107\155\142\110\061\037\060\035\006\003\125\004\003\014
+\026\104\055\124\122\125\123\124\040\122\157\157\164\040\103\101
+\040\063\040\062\060\061\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\003\017\335\254
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1"
+#
+# Issuer: CN=TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1,OU=Kamu Sertifikasyon Merkezi - Kamu SM,O=Turkiye Bilimsel ve Teknolojik Arastirma Kurumu - TUBITAK,L=Gebze - Kocaeli,C=TR
+# Serial Number: 1 (0x1)
+# Subject: CN=TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1,OU=Kamu Sertifikasyon Merkezi - Kamu SM,O=Turkiye Bilimsel ve Teknolojik Arastirma Kurumu - TUBITAK,L=Gebze - Kocaeli,C=TR
+# Not Valid Before: Mon Nov 25 08:25:55 2013
+# Not Valid After : Sun Oct 25 08:25:55 2043
+# Fingerprint (SHA-256): 46:ED:C3:68:90:46:D5:3A:45:3F:B3:10:4A:B8:0D:CA:EC:65:8B:26:60:EA:16:29:DD:7E:86:79:90:64:87:16
+# Fingerprint (SHA1): 31:43:64:9B:EC:CE:27:EC:ED:3A:3F:0B:8F:0D:E4:E8:91:DD:EE:CA
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\322\061\013\060\011\006\003\125\004\006\023\002\124\122
+\061\030\060\026\006\003\125\004\007\023\017\107\145\142\172\145
+\040\055\040\113\157\143\141\145\154\151\061\102\060\100\006\003
+\125\004\012\023\071\124\165\162\153\151\171\145\040\102\151\154
+\151\155\163\145\154\040\166\145\040\124\145\153\156\157\154\157
+\152\151\153\040\101\162\141\163\164\151\162\155\141\040\113\165
+\162\165\155\165\040\055\040\124\125\102\111\124\101\113\061\055
+\060\053\006\003\125\004\013\023\044\113\141\155\165\040\123\145
+\162\164\151\146\151\153\141\163\171\157\156\040\115\145\162\153
+\145\172\151\040\055\040\113\141\155\165\040\123\115\061\066\060
+\064\006\003\125\004\003\023\055\124\125\102\111\124\101\113\040
+\113\141\155\165\040\123\115\040\123\123\114\040\113\157\153\040
+\123\145\162\164\151\146\151\153\141\163\151\040\055\040\123\165
+\162\165\155\040\061
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\322\061\013\060\011\006\003\125\004\006\023\002\124\122
+\061\030\060\026\006\003\125\004\007\023\017\107\145\142\172\145
+\040\055\040\113\157\143\141\145\154\151\061\102\060\100\006\003
+\125\004\012\023\071\124\165\162\153\151\171\145\040\102\151\154
+\151\155\163\145\154\040\166\145\040\124\145\153\156\157\154\157
+\152\151\153\040\101\162\141\163\164\151\162\155\141\040\113\165
+\162\165\155\165\040\055\040\124\125\102\111\124\101\113\061\055
+\060\053\006\003\125\004\013\023\044\113\141\155\165\040\123\145
+\162\164\151\146\151\153\141\163\171\157\156\040\115\145\162\153
+\145\172\151\040\055\040\113\141\155\165\040\123\115\061\066\060
+\064\006\003\125\004\003\023\055\124\125\102\111\124\101\113\040
+\113\141\155\165\040\123\115\040\123\123\114\040\113\157\153\040
+\123\145\162\164\151\146\151\153\141\163\151\040\055\040\123\165
+\162\165\155\040\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\143\060\202\003\113\240\003\002\001\002\002\001\001
+\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060
+\201\322\061\013\060\011\006\003\125\004\006\023\002\124\122\061
+\030\060\026\006\003\125\004\007\023\017\107\145\142\172\145\040
+\055\040\113\157\143\141\145\154\151\061\102\060\100\006\003\125
+\004\012\023\071\124\165\162\153\151\171\145\040\102\151\154\151
+\155\163\145\154\040\166\145\040\124\145\153\156\157\154\157\152
+\151\153\040\101\162\141\163\164\151\162\155\141\040\113\165\162
+\165\155\165\040\055\040\124\125\102\111\124\101\113\061\055\060
+\053\006\003\125\004\013\023\044\113\141\155\165\040\123\145\162
+\164\151\146\151\153\141\163\171\157\156\040\115\145\162\153\145
+\172\151\040\055\040\113\141\155\165\040\123\115\061\066\060\064
+\006\003\125\004\003\023\055\124\125\102\111\124\101\113\040\113
+\141\155\165\040\123\115\040\123\123\114\040\113\157\153\040\123
+\145\162\164\151\146\151\153\141\163\151\040\055\040\123\165\162
+\165\155\040\061\060\036\027\015\061\063\061\061\062\065\060\070
+\062\065\065\065\132\027\015\064\063\061\060\062\065\060\070\062
+\065\065\065\132\060\201\322\061\013\060\011\006\003\125\004\006
+\023\002\124\122\061\030\060\026\006\003\125\004\007\023\017\107
+\145\142\172\145\040\055\040\113\157\143\141\145\154\151\061\102
+\060\100\006\003\125\004\012\023\071\124\165\162\153\151\171\145
+\040\102\151\154\151\155\163\145\154\040\166\145\040\124\145\153
+\156\157\154\157\152\151\153\040\101\162\141\163\164\151\162\155
+\141\040\113\165\162\165\155\165\040\055\040\124\125\102\111\124
+\101\113\061\055\060\053\006\003\125\004\013\023\044\113\141\155
+\165\040\123\145\162\164\151\146\151\153\141\163\171\157\156\040
+\115\145\162\153\145\172\151\040\055\040\113\141\155\165\040\123
+\115\061\066\060\064\006\003\125\004\003\023\055\124\125\102\111
+\124\101\113\040\113\141\155\165\040\123\115\040\123\123\114\040
+\113\157\153\040\123\145\162\164\151\146\151\153\141\163\151\040
+\055\040\123\165\162\165\155\040\061\060\202\001\042\060\015\006
+\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001\017
+\000\060\202\001\012\002\202\001\001\000\257\165\060\063\252\273
+\153\323\231\054\022\067\204\331\215\173\227\200\323\156\347\377
+\233\120\225\076\220\225\126\102\327\031\174\046\204\215\222\372
+\001\035\072\017\342\144\070\267\214\274\350\210\371\213\044\253
+\056\243\365\067\344\100\216\030\045\171\203\165\037\073\377\154
+\250\305\306\126\370\264\355\212\104\243\253\154\114\374\035\320
+\334\357\150\275\317\344\252\316\360\125\367\242\064\324\203\153
+\067\174\034\302\376\265\003\354\127\316\274\264\265\305\355\000
+\017\123\067\052\115\364\117\014\203\373\206\317\313\376\214\116
+\275\207\371\247\213\041\127\234\172\337\003\147\211\054\235\227
+\141\247\020\270\125\220\177\016\055\047\070\164\337\347\375\332
+\116\022\343\115\025\042\002\310\340\340\374\017\255\212\327\311
+\124\120\314\073\017\312\026\200\204\320\121\126\303\216\126\177
+\211\042\063\057\346\205\012\275\245\250\033\066\336\323\334\054
+\155\073\307\023\275\131\043\054\346\345\244\367\330\013\355\352
+\220\100\104\250\225\273\223\325\320\200\064\266\106\170\016\037
+\000\223\106\341\356\351\371\354\117\027\002\003\001\000\001\243
+\102\060\100\060\035\006\003\125\035\016\004\026\004\024\145\077
+\307\212\206\306\074\335\074\124\134\065\370\072\355\122\014\107
+\127\310\060\016\006\003\125\035\017\001\001\377\004\004\003\002
+\001\006\060\017\006\003\125\035\023\001\001\377\004\005\060\003
+\001\001\377\060\015\006\011\052\206\110\206\367\015\001\001\013
+\005\000\003\202\001\001\000\052\077\341\361\062\216\256\341\230
+\134\113\136\317\153\036\152\011\322\042\251\022\307\136\127\175
+\163\126\144\200\204\172\223\344\011\271\020\315\237\052\047\341
+\000\167\276\110\310\065\250\201\237\344\270\054\311\177\016\260
+\322\113\067\135\352\271\325\013\136\064\275\364\163\051\303\355
+\046\025\234\176\010\123\212\130\215\320\113\050\337\301\263\337
+\040\363\371\343\343\072\337\314\234\224\330\116\117\303\153\027
+\267\367\162\350\255\146\063\265\045\123\253\340\370\114\251\235
+\375\362\015\272\256\271\331\252\306\153\371\223\273\256\253\270
+\227\074\003\032\272\103\306\226\271\105\162\070\263\247\241\226
+\075\221\173\176\300\041\123\114\207\355\362\013\124\225\121\223
+\325\042\245\015\212\361\223\016\076\124\016\260\330\311\116\334
+\362\061\062\126\352\144\371\352\265\235\026\146\102\162\363\177
+\323\261\061\103\374\244\216\027\361\155\043\253\224\146\370\255
+\373\017\010\156\046\055\177\027\007\011\262\214\373\120\300\237
+\226\215\317\266\375\000\235\132\024\232\277\002\104\365\301\302
+\237\042\136\242\017\241\343
+END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
+
+# Trust for "TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1"
+# Issuer: CN=TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1,OU=Kamu Sertifikasyon Merkezi - Kamu SM,O=Turkiye Bilimsel ve Teknolojik Arastirma Kurumu - TUBITAK,L=Gebze - Kocaeli,C=TR
+# Serial Number: 1 (0x1)
+# Subject: CN=TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1,OU=Kamu Sertifikasyon Merkezi - Kamu SM,O=Turkiye Bilimsel ve Teknolojik Arastirma Kurumu - TUBITAK,L=Gebze - Kocaeli,C=TR
+# Not Valid Before: Mon Nov 25 08:25:55 2013
+# Not Valid After : Sun Oct 25 08:25:55 2043
+# Fingerprint (SHA-256): 46:ED:C3:68:90:46:D5:3A:45:3F:B3:10:4A:B8:0D:CA:EC:65:8B:26:60:EA:16:29:DD:7E:86:79:90:64:87:16
+# Fingerprint (SHA1): 31:43:64:9B:EC:CE:27:EC:ED:3A:3F:0B:8F:0D:E4:E8:91:DD:EE:CA
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\061\103\144\233\354\316\047\354\355\072\077\013\217\015\344\350
+\221\335\356\312
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\334\000\201\334\151\057\076\057\260\073\366\075\132\221\216\111
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\322\061\013\060\011\006\003\125\004\006\023\002\124\122
+\061\030\060\026\006\003\125\004\007\023\017\107\145\142\172\145
+\040\055\040\113\157\143\141\145\154\151\061\102\060\100\006\003
+\125\004\012\023\071\124\165\162\153\151\171\145\040\102\151\154
+\151\155\163\145\154\040\166\145\040\124\145\153\156\157\154\157
+\152\151\153\040\101\162\141\163\164\151\162\155\141\040\113\165
+\162\165\155\165\040\055\040\124\125\102\111\124\101\113\061\055
+\060\053\006\003\125\004\013\023\044\113\141\155\165\040\123\145
+\162\164\151\146\151\153\141\163\171\157\156\040\115\145\162\153
+\145\172\151\040\055\040\113\141\155\165\040\123\115\061\066\060
+\064\006\003\125\004\003\023\055\124\125\102\111\124\101\113\040
+\113\141\155\165\040\123\115\040\123\123\114\040\113\157\153\040
+\123\145\162\164\151\146\151\153\141\163\151\040\055\040\123\165
+\162\165\155\040\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\001\001
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
diff --git a/lib/ckfw/builtins/nssckbi.h b/lib/ckfw/builtins/nssckbi.h
--- a/lib/ckfw/builtins/nssckbi.h
+++ b/lib/ckfw/builtins/nssckbi.h
@@ -17,41 +17,42 @@
*/
#define NSS_BUILTINS_CRYPTOKI_VERSION_MAJOR 2
#define NSS_BUILTINS_CRYPTOKI_VERSION_MINOR 20
/* These version numbers detail the changes
* to the list of trusted certificates.
*
* The NSS_BUILTINS_LIBRARY_VERSION_MINOR macro needs to be bumped
- * for each NSS minor release AND whenever we change the list of
- * trusted certificates. 10 minor versions are allocated for each
- * NSS 3.x branch as follows, allowing us to change the list of
- * trusted certificates up to 9 times on each branch.
- * - NSS 3.5 branch: 3-9
- * - NSS 3.6 branch: 10-19
- * - NSS 3.7 branch: 20-29
- * - NSS 3.8 branch: 30-39
- * - NSS 3.9 branch: 40-49
- * - NSS 3.10 branch: 50-59
- * - NSS 3.11 branch: 60-69
- * ...
- * - NSS 3.12 branch: 70-89
- * - NSS 3.13 branch: 90-99
- * - NSS 3.14 branch: 100-109
- * ...
- * - NSS 3.29 branch: 250-255
+ * whenever we change the list of trusted certificates.
+ *
+ * Please use the following rules when increasing the version number:
+ *
+ * - starting with version 2.14, NSS_BUILTINS_LIBRARY_VERSION_MINOR
+ * must always be an EVEN number (e.g. 16, 18, 20 etc.)
+ *
+ * - whenever possible, if older branches require a modification to the
+ * list, these changes should be made on the main line of development (trunk),
+ * and the older branches should update to the most recent list.
+ *
+ * - ODD minor version numbers are reserved to indicate a snapshot that has
+ * deviated from the main line of development, e.g. if it was necessary
+ * to modify the list on a stable branch.
+ * Once the version has been changed to an odd number (e.g. 2.13) on a branch,
+ * it should remain unchanged on that branch, even if further changes are
+ * made on that branch.
*
* NSS_BUILTINS_LIBRARY_VERSION_MINOR is a CK_BYTE. It's not clear
* whether we may use its full range (0-255) or only 0-99 because
* of the comment in the CK_VERSION type definition.
+ * It's recommend to switch back to 0 after having reached version 98/99.
*/
#define NSS_BUILTINS_LIBRARY_VERSION_MAJOR 2
-#define NSS_BUILTINS_LIBRARY_VERSION_MINOR 11
-#define NSS_BUILTINS_LIBRARY_VERSION "2.11"
+#define NSS_BUILTINS_LIBRARY_VERSION_MINOR 14
+#define NSS_BUILTINS_LIBRARY_VERSION "2.14"
/* These version numbers detail the semantic changes to the ckfw engine. */
#define NSS_BUILTINS_HARDWARE_VERSION_MAJOR 1
#define NSS_BUILTINS_HARDWARE_VERSION_MINOR 0
/* These version numbers detail the semantic changes to ckbi itself
* (new PKCS #11 objects), etc. */
#define NSS_BUILTINS_FIRMWARE_VERSION_MAJOR 1
diff --git a/lib/certdb/genname.c b/lib/certdb/genname.c
--- a/lib/certdb/genname.c
+++ b/lib/certdb/genname.c
@@ -1583,19 +1583,19 @@ done:
#define NAME_CONSTRAINTS_ENTRY(CA) \
{ \
STRING_TO_SECITEM(CA##_SUBJECT_DN) \
, \
STRING_TO_SECITEM(CA##_NAME_CONSTRAINTS) \
}
-/* Agence Nationale de la Securite des Systemes d'Information (ANSSI) */
+/* clang-format off */
-/* clang-format off */
+/* Agence Nationale de la Securite des Systemes d'Information (ANSSI) */
#define ANSSI_SUBJECT_DN \
"\x30\x81\x85" \
"\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02" "FR" /* C */ \
"\x31\x0F\x30\x0D\x06\x03\x55\x04\x08\x13\x06" "France" /* ST */ \
"\x31\x0E\x30\x0C\x06\x03\x55\x04\x07\x13\x05" "Paris" /* L */ \
"\x31\x10\x30\x0E\x06\x03\x55\x04\x0A\x13\x07" "PM/SGDN" /* O */ \
"\x31\x0E\x30\x0C\x06\x03\x55\x04\x0B\x13\x05" "DCSSI" /* OU */ \
@@ -1614,20 +1614,49 @@ done:
"\x30\x05\x82\x03" ".pm" \
"\x30\x05\x82\x03" ".bl" \
"\x30\x05\x82\x03" ".mf" \
"\x30\x05\x82\x03" ".wf" \
"\x30\x05\x82\x03" ".pf" \
"\x30\x05\x82\x03" ".nc" \
"\x30\x05\x82\x03" ".tf"
+/* TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1 */
+
+#define TUBITAK1_SUBJECT_DN \
+ "\x30\x81\xd2" \
+ "\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02" \
+ /* C */ "TR" \
+ "\x31\x18\x30\x16\x06\x03\x55\x04\x07\x13\x0f" \
+ /* L */ "Gebze - Kocaeli" \
+ "\x31\x42\x30\x40\x06\x03\x55\x04\x0a\x13\x39" \
+ /* O */ "Turkiye Bilimsel ve Teknolojik Arastirma Kurumu - TUBITAK" \
+ "\x31\x2d\x30\x2b\x06\x03\x55\x04\x0b\x13\x24" \
+ /* OU */ "Kamu Sertifikasyon Merkezi - Kamu SM" \
+ "\x31\x36\x30\x34\x06\x03\x55\x04\x03\x13\x2d" \
+ /* CN */ "TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1"
+
+#define TUBITAK1_NAME_CONSTRAINTS \
+ "\x30\x65\xa0\x63" \
+ "\x30\x09\x82\x07" ".gov.tr" \
+ "\x30\x09\x82\x07" ".k12.tr" \
+ "\x30\x09\x82\x07" ".pol.tr" \
+ "\x30\x09\x82\x07" ".mil.tr" \
+ "\x30\x09\x82\x07" ".tsk.tr" \
+ "\x30\x09\x82\x07" ".kep.tr" \
+ "\x30\x09\x82\x07" ".bel.tr" \
+ "\x30\x09\x82\x07" ".edu.tr" \
+ "\x30\x09\x82\x07" ".org.tr"
+
/* clang-format on */
-static const SECItem builtInNameConstraints[][2] = { NAME_CONSTRAINTS_ENTRY(
- ANSSI) };
+static const SECItem builtInNameConstraints[][2] = {
+ NAME_CONSTRAINTS_ENTRY(ANSSI),
+ NAME_CONSTRAINTS_ENTRY(TUBITAK1)
+};
SECStatus
CERT_GetImposedNameConstraints(const SECItem *derSubject, SECItem *extensions)
{
size_t i;
if (!extensions) {
PORT_SetError(SEC_ERROR_INVALID_ARGS);
diff --git a/lib/cryptohi/keythi.h b/lib/cryptohi/keythi.h
--- a/lib/cryptohi/keythi.h
+++ b/lib/cryptohi/keythi.h
@@ -204,17 +204,17 @@ typedef struct SECKEYPublicKeyStr SECKEY
#define SECKEY_ATTRIBUTE_VALUE(key, attribute) \
(0 != (key->staticflags & SECKEY_##attribute))
#define SECKEY_HAS_ATTRIBUTE_SET(key, attribute) \
(0 != (key->staticflags & SECKEY_Attributes_Cached)) ? (0 != (key->staticflags & SECKEY_##attribute)) : PK11_HasAttributeSet(key->pkcs11Slot, key->pkcs11ID, attribute, PR_FALSE)
#define SECKEY_HAS_ATTRIBUTE_SET_LOCK(key, attribute, haslock) \
- (0 != (key->staticflags & SECKEY_Attributes_Cached)) ? (0 != (key->staticflags & SECKEY_##attribute)) : PK11_HasAttributeSet(key->pkcs11Slot, key->pkcs11ID, attribute, haslock)
+ (0 != (key->staticflags & SECKEY_Attributes_Cached)) ? (0 != (key->staticflags & SECKEY_##attribute)) : pk11_HasAttributeSet_Lock(key->pkcs11Slot, key->pkcs11ID, attribute, haslock)
/*
** A generic key structure
*/
struct SECKEYPrivateKeyStr {
PLArenaPool *arena;
KeyType keyType;
PK11SlotInfo *pkcs11Slot; /* pkcs11 slot this key lives in */
diff --git a/lib/nss/nss.def b/lib/nss/nss.def
--- a/lib/nss/nss.def
+++ b/lib/nss/nss.def
@@ -1092,8 +1092,15 @@ SECMOD_CreateModuleEx;
;+};
;+NSS_3.22 { # NSS 3.22 release
;+ global:
PK11_SignWithMechanism;
PK11_VerifyWithMechanism;
;+ local:
;+ *;
;+};
+;+NSS_3.30 { # NSS 3.30 release
+;+ global:
+CERT_CompareAVA;
+PK11_HasAttributeSet;
+;+ local:
+;+ *;
+;+};
diff --git a/lib/pk11wrap/pk11obj.c b/lib/pk11wrap/pk11obj.c
--- a/lib/pk11wrap/pk11obj.c
+++ b/lib/pk11wrap/pk11obj.c
@@ -151,18 +151,18 @@ PK11_ReadULongAttribute(PK11SlotInfo *sl
}
return value;
}
/*
* check to see if a bool has been set.
*/
CK_BBOOL
-PK11_HasAttributeSet(PK11SlotInfo *slot, CK_OBJECT_HANDLE id,
- CK_ATTRIBUTE_TYPE type, PRBool haslock)
+pk11_HasAttributeSet_Lock(PK11SlotInfo *slot, CK_OBJECT_HANDLE id,
+ CK_ATTRIBUTE_TYPE type, PRBool haslock)
{
CK_BBOOL ckvalue = CK_FALSE;
CK_ATTRIBUTE theTemplate;
CK_RV crv;
/* Prepare to retrieve the attribute. */
PK11_SETATTRS(&theTemplate, type, &ckvalue, sizeof(CK_BBOOL));
@@ -176,16 +176,24 @@ PK11_HasAttributeSet(PK11SlotInfo *slot,
if (crv != CKR_OK) {
PORT_SetError(PK11_MapError(crv));
return CK_FALSE;
}
return ckvalue;
}
+CK_BBOOL
+PK11_HasAttributeSet(PK11SlotInfo *slot, CK_OBJECT_HANDLE id,
+ CK_ATTRIBUTE_TYPE type, PRBool haslock)
+{
+ PR_ASSERT(haslock == PR_FALSE);
+ return pk11_HasAttributeSet_Lock(slot, id, type, PR_FALSE);
+}
+
/*
* returns a full list of attributes. Allocate space for them. If an arena is
* provided, allocate space out of the arena.
*/
CK_RV
PK11_GetAttributes(PLArenaPool *arena, PK11SlotInfo *slot,
CK_OBJECT_HANDLE obj, CK_ATTRIBUTE *attr, int count)
{
diff --git a/lib/pk11wrap/pk11priv.h b/lib/pk11wrap/pk11priv.h
--- a/lib/pk11wrap/pk11priv.h
+++ b/lib/pk11wrap/pk11priv.h
@@ -113,20 +113,20 @@ PK11SymKey *pk11_CopyToSlot(PK11SlotInfo
SECStatus PK11_TraversePrivateKeysInSlot(PK11SlotInfo *slot,
SECStatus (*callback)(SECKEYPrivateKey *, void *), void *arg);
SECKEYPrivateKey *PK11_FindPrivateKeyFromNickname(char *nickname, void *wincx);
CK_OBJECT_HANDLE *PK11_FindObjectsFromNickname(char *nickname,
PK11SlotInfo **slotptr, CK_OBJECT_CLASS objclass, int *returnCount,
void *wincx);
CK_OBJECT_HANDLE PK11_MatchItem(PK11SlotInfo *slot, CK_OBJECT_HANDLE peer,
CK_OBJECT_CLASS o_class);
-CK_BBOOL PK11_HasAttributeSet(PK11SlotInfo *slot,
- CK_OBJECT_HANDLE id,
- CK_ATTRIBUTE_TYPE type,
- PRBool haslock);
+CK_BBOOL pk11_HasAttributeSet_Lock(PK11SlotInfo *slot,
+ CK_OBJECT_HANDLE id,
+ CK_ATTRIBUTE_TYPE type,
+ PRBool haslock);
CK_RV PK11_GetAttributes(PLArenaPool *arena, PK11SlotInfo *slot,
CK_OBJECT_HANDLE obj, CK_ATTRIBUTE *attr, int count);
int PK11_NumberCertsForCertSubject(CERTCertificate *cert);
SECStatus PK11_TraverseCertsForSubject(CERTCertificate *cert,
SECStatus (*callback)(CERTCertificate *, void *), void *arg);
SECStatus PK11_GetKEAMatchedCerts(PK11SlotInfo *slot1,
PK11SlotInfo *slot2, CERTCertificate **cert1, CERTCertificate **cert2);
SECStatus PK11_TraverseCertsInSlot(PK11SlotInfo *slot,
diff --git a/lib/pk11wrap/pk11pub.h b/lib/pk11wrap/pk11pub.h
--- a/lib/pk11wrap/pk11pub.h
+++ b/lib/pk11wrap/pk11pub.h
@@ -681,16 +681,20 @@ CK_OBJECT_HANDLE PK11_FindCertInSlot(PK1
void *wincx);
SECStatus PK11_TraverseCertsForNicknameInSlot(SECItem *nickname,
PK11SlotInfo *slot, SECStatus (*callback)(CERTCertificate *, void *),
void *arg);
CERTCertList *PK11_ListCerts(PK11CertListType type, void *pwarg);
CERTCertList *PK11_ListCertsInSlot(PK11SlotInfo *slot);
CERTSignedCrl *PK11_ImportCRL(PK11SlotInfo *slot, SECItem *derCRL, char *url,
int type, void *wincx, PRInt32 importOptions, PLArenaPool *arena, PRInt32 decodeOptions);
+CK_BBOOL PK11_HasAttributeSet(PK11SlotInfo *slot,
+ CK_OBJECT_HANDLE id,
+ CK_ATTRIBUTE_TYPE type,
+ PRBool haslock /* must be set to PR_FALSE */);
/**********************************************************************
* Sign/Verify
**********************************************************************/
/*
* Return the length in bytes of a signature generated with the
* private key.