← Netlock cases
Bugzilla #1401211 Certificate Problem Report

NetLock: Non-BR-Compliant Certificate Issuance -- * in not the leftmost position in dnsName

RESOLVED FIXED Netlock
AI Summary

NetLock reported a mis-issuance of a certificate that contained a wildcard character not in the leftmost position of the domain name. The issue was identified on September 2, 2017, following a user report. NetLock confirmed that they ceased issuing such certificates and implemented additional validation checks to prevent future occurrences. The root cause was attributed to human error during the editing of the certificate request. The certificate was revoked on September 12, 2017, after the customer completed their transition to a new certificate.

Model: gpt-4o-mini Generated: 2026-06-13 17:10 UTC Confidence: 0.90
Chronology
  1. NetLock received a report about the mis-issuance.
  2. The problematic certificate was revoked.
  3. NetLock confirmed they stopped issuing non-compliant certificates.
  4. NetLock discussed their validation process improvements.
  5. Summary of issues and remediation plan was provided.
Participants
Varga Viktor Gervase Markham Ryan Sleevi
External References
Original Bugzilla Case crt.sh
Similar Local Cases
#1390988 RESOLVED Certificate Problem Report Opened 2017-08-16 · Closed 2023-02-22 · 59% similar
Consorci AOC: Non-BR-Compliant Certificate Issuance
AI Summary CA Owner
#1390977 RESOLVED Certificate Problem Report Opened 2017-08-16 · Closed 2023-02-22 · 58% similar
Camerfirma: Non-BR-Compliant Certificate Issuance
AI Summary CA Owner
#1304895 RESOLVED Certificate Problem Report Opened 2016-09-22 · Closed 2023-02-22 · 56% similar
DigiCert: TI Trust Technologies Global CA issued certificate with no subject alternative name extension
AI Summary CA Owner
#1391087 RESOLVED Certificate Problem Report Opened 2017-08-16 · Closed 2023-02-22 · 55% similar
Visa: Non-BR-Compliant Certificate Issuance
AI Summary CA Owner
#1330482 RESOLVED Certificate Problem Report Opened 2017-01-12 · Closed 2023-02-22 · 55% similar
GoDaddy: New GoDaddy incorrect issuance bug appears to be regression of 2010 issue
AI Summary CA Owner
#1393557 RESOLVED Certificate Problem Report Opened 2017-08-24 · Closed 2023-02-22 · 54% similar
GlobalSign: Non-BR-Compliant Certificate Issuance -- RSA key smaller than 2048 bits
AI Summary CA Owner
#1398247 RESOLVED Certificate Problem Report Opened 2017-09-08 · Closed 2023-02-22 · 54% similar
DocuSign/Keynectis: Non-BR-Compliant OCSP Responders
AI Summary CA Owner
#1524730 RESOLVED Certificate Problem Report Opened 2019-02-02 · Closed 2023-02-22 · 53% similar
Sectigo: invalid dnsName
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action