Hi Andrew, I was looking at https://globaltrust.eu/certificate-policy/ and the 'GLOBALTRUST 2015 SERVER OV 2' entry which includes a list of test servers. I can see there is a different list of test servers listed higher on the page, and 2020 functions correctly, but 2015 has the same issue (from the 'Testserver SSL-Zertifikate' heading):
GLOBALTRUST 2015 gültiges Zertifikat https://testok-2015-server-qualified-1.e-monitoring.at GLOBALTRUST 2015 abgelaufenes Zertifikat https://testold-2015-server-qualified-1.e-monitoring.at GLOBALTRUST 2015 widerrufenes Zertifikat https://testrevoked-2015-server-qualified-1.e-monitoring.at This seems to have been an abandoned practice by globaltrust and the entries are inconsistent on whether they have any listed. - Wayne On Friday, May 3, 2024 at 1:59:59 PM UTC+1 Andrew Ayer wrote: > Hi Wayne, > > On Fri, 3 May 2024 04:29:15 -0700 (PDT) > Wayne <rdau...@gmail.com> wrote: > > > They don't list valid/expired/revoked domains for all of their > > sub-CAs > > CAs are only required to provide one set of test websites per root, not > for every sub-CA. > > > and even the ones they do are running on the same wildcard > > covering: > > > > DNS:timestamp.globaltrust.eu > > DNS:*.globaltrust.eu > > DNS:*.globaltrust.at > > DNS:*.globaltrust.info > > DNS:*.a-cert.at > > DNS:*.e-monitoring.at > > > > See: https://crt.sh/?id=9532011580 > > Where are you seeing this disclosed as a test website certificate? The > disclosures that I see in the CCADB for GLOBALTRUST's Mozilla-trusted > root are: > > https://testok-2020-server-qualified-ev-1.e-monitoring.at/ > https://testold-2020-server-qualified-ev-1.e-monitoring.at/ > https://testrevoked-2020-server-qualified-ev-1.e-monitoring.at/ > > Those all look correct to me. > > Regards, > Andrew > -- You received this message because you are subscribed to the Google Groups "dev-security-policy@mozilla.org" group. To unsubscribe from this group and stop receiving emails from it, send an email to dev-security-policy+unsubscr...@mozilla.org. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/defabcd2-07dd-4e08-8dbf-68a59af82e0an%40mozilla.org.