Greetings,
Mozilla will be making several root store changes in its April 2026 NSS release, as tracked in Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=2017317.
Context and Rationale
These changes are part of Mozilla’s ongoing root store maintenance under the Mozilla Root Store Policy (MRSP), including §7.4 (Root CA Lifecycles) and §7.5.3 (Transition Plans). They reflect a combination of lifecycle-based transitions, CA operator requests, and alignment with intended certificate usage, including retiring older or less suitable root certificates, enforcing clear separation of trust purposes (e.g., TLS vs. S/MIME), and reducing unnecessary trust surface in the Web PKI ecosystem. Collectively, these actions help to ensure that root certificates are relied upon only for their intended and actively maintained use cases, or are retired in accordance with established distrust timelines.
Summary of Changes
The following updates are planned (SHA256-based crt.sh certificate lookups are linked below):
Trust Bit Modifications (MRSP §7.5.3 and CA Requests)
Google Trust Services (GTS / GSR):
Amazon:
Sectigo:
Lifecycle-Based Websites Trust Bit Removal (MRSP §7.4)
Izenpe.com (TLS distrustAfter set to 2026-04-15)
Full Root Removals (MRSP §7.4 and CA Requests)
Viking Cloud / SSL.com roots:
AffirmTrust roots:
The table further below also lists some of the affected root certificates with their SHA-256 (crt.sh) references, maps them to corresponding replacement roots, and provides the NSS and Firefox versions (with release dates) in which the replacement roots were first included.
Advice for Subscribers and Relying Parties
At a fundamental level, client systems must be able to successfully build a certificate chain to a root certificate that remains trusted for the intended purpose. Changes to trust bits or root removal will affect which chains are considered valid for updated clients, and deployments must be updated accordingly. Subscribers and relying parties are strongly advised to take the following actions before these changes take effect:
Ensure relying parties are migrated to up-to-date root stores in a timely manner.
Do not pin particular certificates, or if pinning must be employed, disable it automatically when a relying party’s root store becomes stale.
Subscribers should ensure their certificates chain back to modern trusted roots. If compatibility with relying parties with out-of-date root stores is essential, subscribers should serve cross-signed certificate chains which will be trusted by both new and old clients.
Test against current and upcoming root store configurations - Implementers should validate their configurations to ensure compatibility with the changes mentioned here.
Closing
Mozilla will continue to evolve its root store to improve security, reduce complexity, and align trust with real-world usage. These changes are part of that ongoing effort to ensure a more predictable and resilient ecosystem.
If you have questions or identify potential impact, please raise them here on this list or contact the Mozilla root program at certif...@mozilla.org.
Thanks,
Ben Wilson
Mozilla Root Program
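
An added example, not part of the original message and not Mozilla's code: a minimal model of the check described under "Advice for Subscribers and Relying Parties". It reads the websites and email trust bits and the TLS distrustAfter date from an excerpt in the layout of NSS's certdata.txt, then decides whether a TLS leaf chaining to a given root would still be accepted. The excerpt and root labels are constructed, and comparing the leaf's notBefore with distrustAfter is a simplified model of client behaviour, not the full path-validation logic.

```python
import re
from datetime import datetime, timezone
from itertools import takewhile
# Constructed excerpt in the layout of NSS certdata.txt; labels are made up.
SAMPLE = r'''
CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
CKA_LABEL UTF8 "Example Legacy Root"
CKA_NSS_SERVER_DISTRUST_AFTER MULTILINE_OCTAL
\062\066\060\064\061\065\060\060\060\060\060\060\132
END
CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
CKA_LABEL UTF8 "Example Legacy Root"
CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
CKA_LABEL UTF8 "Example Email Root"
CKA_NSS_SERVER_DISTRUST_AFTER CK_BBOOL CK_FALSE
CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
CKA_LABEL UTF8 "Example Email Root"
CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
'''
BITS = {"CKA_TRUST_SERVER_AUTH": "tls", "CKA_TRUST_EMAIL_PROTECTION": "email"}

def parse_store(text):
    """Map each root label to its trust bits and TLS distrustAfter date."""
    roots, label, lines = {}, None, iter(text.splitlines())
    for line in lines:
        attr, _, rest = line.strip().partition(" ")
        if attr == "CKA_LABEL":
            label = rest.split('"')[1]
            roots.setdefault(label, {"tls": False, "email": False, "cutoff": None})
        elif attr in BITS and label:
            roots[label][BITS[attr]] = rest.endswith("CKT_NSS_TRUSTED_DELEGATOR")
        elif attr == "CKA_NSS_SERVER_DISTRUST_AFTER" and rest == "MULTILINE_OCTAL" and label:
            # The value is an octal-escaped UTCTime that runs until the END line.
            octal = "".join(takewhile(lambda s: s.strip() != "END", lines))
            stamp = "".join(chr(int(o, 8)) for o in re.findall(r"\\([0-7]{3})", octal))
            roots[label]["cutoff"] = datetime.strptime(stamp, "%y%m%d%H%M%SZ").replace(tzinfo=timezone.utc)
    return roots

def tls_verdict(roots, label, leaf_not_before):
    """Simplified model: would a TLS leaf chaining to this root be accepted?"""
    root = roots.get(label)
    if root is None:
        return "rejected: root not in store"
    if not root["tls"]:
        return "rejected: websites trust bit not set"
    if root["cutoff"] and leaf_not_before > root["cutoff"]:
        return "rejected: leaf issued after distrustAfter"
    return "accepted"
```

Running `tls_verdict` for each root a deployment chains to, against both the current and the upcoming store contents, shows which chains need a replacement or cross-signed path before the change ships.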