← DigiCert cases
Bugzilla #1451950
CCADB Compliance
DigiCert: Intermediate Cert(s) not disclosed in CCADB
RESOLVED
DigiCert
AI Summary
DigiCert was found to have one or more intermediate certificates that were not disclosed in the Common CA Database (CCADB), violating Mozilla's Root Store Policy. The issue was raised by Kathleen Wilson, highlighting the requirement for all non-technically constrained subordinate CA certificates to be publicly disclosed. Following discussions and actions taken by DigiCert, the certificates were eventually uploaded to the CCADB, resolving the compliance issue.
Chronology
- Initial report of undisclosed intermediate certificates
- DigiCert acknowledges the compliance deadline
- DigiCert confirms steps to ensure compliance
- ECCE begins replacing non-compliant certificates
Participants
Kathleen Wilson
Ben Wilson
Jeremy Rowley
Wayne Thayer
Steve Medin
Vitor Castro
External References
Similar Local Cases
DigiCert: Non-audited, non-technically-constrained intermediate certificates
DigiCert: Missing audits for Intermediate certificates
Dhimyotis / Certigna: Intermediate Cert(s) not disclosed in CCADB
Telia: Intermediate Cert(s) Not Disclosed in CCADB
Consorci AOC: Qualified audit statements
QuoVadis: "unexpired but revoked" constrained CAs unable to be reported in CCADB
Amazon Trust Services: Overdue audit statements for intermediate certificates
Entrust: Outdated audit statement for intermediate cert