← SwissSign AG cases
Bugzilla #1404403
Certificate Misissuance
SwissSign: Two certs issued with same issuer and serial number
RESOLVED
FIXED
SwissSign AG
AI Summary
SwissSign AG reported a misissuance where two certificates were issued with the same issuer and serial number. The issue was identified during the setup of the CCADB and involved certificates that were incorrectly issued in 2009. SwissSign took steps to revoke the affected certificates and implemented changes to prevent future occurrences. The last of the problematic certificates was revoked on November 11, 2017, and the situation was resolved with proper documentation and communication with relevant parties.
Chronology
- Issue detected during CCADB setup
- First certificate revoked
- Last problematic certificate revoked
- Bug resolved
Participants
Gervase Markham
Corneia Enke
Reinhard Dietrich
Kathleen Wilson
External References
Similar Local Cases
SwissSign: Domain validated certificate but with stateOrProvinceName
SwissSign: Cert issued with a to long validity period
DigiCert / Inteso San Paulo: Double dot characters
SwissSign: Invalid DNSName in SAN
Camerfirma: Certs issued with same issuer and serial number
Let's Encrypt: certs issued contrary to CPS due to incomplete blocklist
Actalis: Certs issued with same issuer and serial number
WoSign issued SHA-1 SSL certs and backdated the issuance date on SSL certificates