Hi John,

I also got this email. We also recently installed an ipsCA wildcard cert for a test EZProxy install.

Looking at the details of our ipsCA wildcard certificate in Firefox, though, I can see the chain of certificates going up to the root ipsCA cert.  

Firefox says that that root certificate -- ipsCA CLASEA1 Certificate Authority -- is good until 2025. I see the same thing in IE, Safari, and I assume every other browser I might check.

Do you see that too?


David Walker
Library Web Services Manager
California State University
From: Code for Libraries [[log in to unmask]] On Behalf Of John Wynstra [[log in to unmask]]
Sent: Thursday, December 17, 2009 1:02 PM
To: [log in to unmask]
Subject: [CODE4LIB] ipsCA Certs

Out of curiosity, did anyone else using ipsCA certs receive notification
that due to the coming expiration of their root CA (December 29,2009),
they would need a reissued cert under a new root CA?

I am uncertain as to how this new Root CA will become a part of the
browsers trusted roots without some type of user action including a
software upgrade, but the following library website instructions lead me
to believe that this is not going to be smooth.

We are just about to go live with EZProxy in January with an ipsCA cert
issued a few months ago, and I am not about to do that if I have serious
browser support issue.

John Wynstra
Library Information Systems Specialist
Rod Library
University of Northern Iowa
Cedar Falls, IA  50613
[log in to unmask]