Useful Resources

CCADB Data

• CCADB Data Usage Terms
• Code Signing Root Certificates
  • PEM of Root Certificates in Microsoft’s Root Store with Code Signing EKU (TXT)
  • PEM of Root Certificates in Microsoft’s Root Store with Code Signing EKU (CSV)
• Email (S/MIME) Root Certificates
  • PEM of Root Certificates in Mozilla’s Root Store with the Email (S/MIME) Trust Bit Enabled (TXT)
  • PEM of Root Certificates in Mozilla’s Root Store with the Email (S/MIME) Trust Bit Enabled (CSV)
• Server Authentication (SSL/TLS) Root Certificates
  • PEM of Root Certificates in Mozilla’s Root Store with the Websites (TLS/SSL) Trust Bit Enabled (TXT)
  • PEM of Root Certificates in Mozilla’s Root Store with the Websites (TLS/SSL) Trust Bit Enabled (CSV)
• All certs (root and intermediate) in CCADB (CSV)
• List of CA problem reporting mechanisms (email, etc.) (use this to report a certificate problem directly to the CA)
• List of CAA Identifiers (used to restrict issuance of certificates to specific CAs via a DNS Certification Authority Authorization Resource Record)
  • CSV List of CAA Identifiers

Mozilla

• Root Program Documentation
• Root Store Policy
• CA Communications
• CA Incident Dashboard
• dev-security-policy WebPKI Forum

Microsoft

• Trusted Root Program Requirements
• Trusted Root Certificate Program Updates
• Trusted Root Audit Requirements

Google Chrome

• Chrome Root Program Policy
• Chrome Root Store & Certificate Verifier FAQ

General

• crt.sh Certificate Search
• Censys Certificate Search
• Certificate Explainer
• public@ccadb.org WebPKI Forum
• Trust Service Provider Technical Best Practices
• Qualified Website Authentication Certificates (QWACs) Interoperability