← GlobalSign nv-sa cases
Bugzilla #1301545
Certificate Problem Report
GlobalSign CloudSSL CA - SHA256 - G3 issued certificate without required extensions
RESOLVED
GlobalSign nv-sa
AI Summary
GlobalSign CloudSSL CA issued a certificate lacking essential extensions such as Subject Alternative Name, Authority Information Access, and Certificate Policies. This oversight occurred during a test issuance by an engineer who mistakenly bypassed policy controls. The certificate was revoked within 71 minutes of issuance, and measures are being implemented to prevent similar occurrences in the future.
Chronology
- Bug reported regarding missing certificate extensions.
- GlobalSign acknowledged the error and revoked the certificate.
- Bug resolved.
Participants
Dana Keeler
Kathleen Wilson
Steve Roylance
External References
Related Bugzilla IDs Mentioned
Similar Local Cases
Bug in GlobalSign Certificate Centre not populating EKUs in 68 SSL certificates
GlobalSign: ICAs in CCADB, without EKU extension are listed in WTCA report but not in WTBR report
GlobalSign: Non-BR-Compliant Certificate Issuance -- double-dots in dnsName
GlobalSign: Non-BR-Compliant Certificate Issuance - metadata-only subject fields
GlobalSign: Incapsula issued a certificate for non-existing domain (testslsslfeb20.me)
Hongkong Post e-Cert CA 1 - 10 issuing certificates without subject alternative name extension
DigiCert: ECCE 001 issuing certificates without subject alternative name extension
GlobalSign: Invalid Common Names in Globalsign Certificates