← Apple Inc. cases
Bugzilla #1955365 Certificate Problem Report

Apple: Public Key Reuse

RESOLVED FIXED Apple Inc.
AI Summary

Apple identified a race condition in its certificate issuance systems that allowed multiple certificates to be issued for the same public key when requests were made simultaneously. This issue affected 44 certificates, all of which were revoked promptly. The incident was self-reported, and Apple has since implemented a two-stage database transaction to prevent future occurrences. The company updated its Certificate Policy Statement to reflect these changes and has committed to improved detection mechanisms for similar issues.

Model: gpt-4o-mini Generated: 2026-06-13 15:14 UTC Confidence: 0.95
Chronology
  1. Race condition identified in certificate issuance systems.
  2. Preliminary Incident Report published.
  3. CPS updated to remove conflicting statements.
  4. Report Closure Summary published.
Participants
certification_authority@apple.com rowleylaw@gmail.com bwilson@mozilla.com incident-reporting@ccadb.org chrome-root-program@google.com
External References
Original Bugzilla Case
Similar Local Cases
#1843676 RESOLVED Certificate Problem Report Opened 2023-07-15 · Closed 2023-09-22 · 69% similar
Apple: Revocation Delay for TLS certificates issued outside the TTL of the CAA record
AI Summary CA Owner
#1659316 RESOLVED Certificate Problem Report Opened 2020-08-16 · Closed 2023-02-22 · 67% similar
Apple: EV Certificate Approver Authorization
AI Summary CA Owner
#1841534 RESOLVED Certificate Problem Report Opened 2023-07-03 · Closed 2023-08-30 · 66% similar
Apple: TLS certificates issued outside the TTL of the CAA record
AI Summary CA Owner
#1677234 RESOLVED Certificate Problem Report Opened 2020-11-13 · Closed 2023-02-22 · 66% similar
Apple: OCSP availability 2020-11-12
AI Summary CA Owner
#1793210 RESOLVED Certificate Problem Report Opened 2022-09-30 · Closed 2022-11-14 · 65% similar
Apple: CRLs for dormant CAs will not be populated in CCADB
AI Summary CA Owner
#1730291 RESOLVED Certificate Problem Report Opened 2021-09-11 · Closed 2024-06-30 · 65% similar
Apple: Test website certificates expired
AI Summary CA Owner
#1771398 RESOLVED Certificate Problem Report Opened 2022-05-26 · Closed 2023-02-22 · 58% similar
Apple: OCSP responders return ‘unknown’ for valid S/MIME and TLS certificates
AI Summary CA Owner
#1588001 RESOLVED Certificate Problem Report Opened 2019-10-11 · Closed 2023-02-22 · 57% similar
Apple: OCSP responders return responses with incorrect issuer
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action