CCA India Root Certificate on Linux05 Oct 2017
The IT Act provides for the Controller of Certifying Authorities (CCA) to license and regulate the working of Certifying Authorities and also to ensure that none of the provisions of the Act are violated. The Certifying Authorities (CAs) issue Digital Signature Certificates(DSC) for electronic authentication of users. -- Ministry of Electronics & Information Technology, India
Thanks to the IT Act and the government’s Digital India campaign, we’re seeing more and more digitally signed documents floating around. However, validating these signatures requires a Root Certificate which serves as the anchor from which the chain of trust for any signed electronic record is derived. Without a trusted Root available, a signed document cannot be validated.
The Root Certificate of the Controller of Certifying Authorities of India is available on cca.gov.in. While downloading and installing the certificates is a straightforward affair on Windows (Right Click -> Install), it takes a bit of a dance to do so in Linux, as described below:
- Download ‘CCA India 2014’ certificate from this site
- Decode the base64 encoded data with:
- Convert it from DER to PEM format with:
- Print and verify certificate fingerprint1 with:
- Import it to NSSDB with:
- Import it to your Firefox profile with:
- One can use
pdfsig2 to validate signed PDF files:
The ‘CCA India 2015 SPL’ certificate can be imported in a similar manner.