Microsoft Trusted Root Certificate: Program Вимога
The Microsoft Trusted Root Certificate («Program») supports the distribution of qualifying root certificate in Microsoft Windows and other Microsoft Products and Services. This page describes the program’s general and technical requirements, including information about how a Certificate Authority (CA) can contact Microsoft to request inclusion into the Program.
This document lists the details and requirements for the Program. Certification Authorities («CAs») that are current members of the Program are listed at http://support.microsoft.com/kb/931125 .
How Root Certificate Distribution Works
Starting with the release of Windows Vista, root certificates are updated on Windows automatically. When a user visits a secure Web site (by using HTTPS (SSL), reads a secure email (S/MIME), or downloads an ActiveX control that is signed (code signing) and encounters a new root certificate, the Windows certificate chain verification software checks the appropriate Microsoft Update location for the root certificate. If it finds it, it download it to the system. To the user, the experience is seamless. The user does not see any security dialog boxes or warnings. The download happens automatically, behind the scenes.
2. Certificate Authority Intake Process
In order to begin the process to be included in the Program, a CA must fill out the application located at http://aka.ms/rootcertapply and email the completed form to email@example.com. This will begin the onboarding process, outlined below:
- Microsoft will review the application and may request additional documentation from the CA to determine if the CA meets the Program requirements and whether, in microsoft’s judgment, the CA’s inclusion into the benefit program will microsoft’s customers
- A copy of all of the roots that the CA wishes to have Microsoft include in the Program in .cer file format (contained in a .ZIP file)
- The name, email address, phone number, and job title of the person who will sign the Program contract
Короткий опис статті: сертифікат microsoft