← DarkMatter LLC cases
Bugzilla #1468477 Certificate Problem Report

QuoVadis / Freistaat Bayern: Non-BR-compliant Key Usage

RESOLVED FIXED DarkMatter LLC
AI Summary

A certificate issued by Freistaat Bayern under a QuoVadis root was found to have non-compliant Key Usage extensions, specifically allowing keyCertSign and cRLSign for an end-entity certificate. The issue was identified on June 12, 2018, through a post-issuance linting system, leading to the certificate's revocation on June 13, 2018. QuoVadis has since implemented tighter controls and is transitioning to a managed PKI to prevent future occurrences. The problematic certificates were revoked by December 30, 2019.

Model: gpt-4o-mini Generated: 2026-06-13 17:51 UTC Confidence: 0.95
Chronology
  1. Issue identified via post-issuance linting system.
  2. Certificate revoked.
  3. Freistaat Bayern ceased issuance from the problematic subCA.
  4. SubCA revoked.
Participants
Rob Stradling Stephen Davidson
External References
Original Bugzilla Case
Similar Local Cases
#1521950 RESOLVED Certificate Problem Report Opened 2019-01-22 · Closed 2023-02-22 · 63% similar
QuoVadis: BR Error - san dns name starts with period
AI Summary CA Owner
#1738472 RESOLVED Certificate Problem Report Opened 2021-10-29 · Closed 2023-02-22 · 62% similar
QuoVadis: hostnames not in preferred name syntax
AI Summary CA Owner
#1576283 RESOLVED Certificate Problem Report Opened 2019-08-23 · Closed 2023-02-22 · 61% similar
QuoVadis: N/A in EV serialNumber field
AI Summary CA Owner
#1534535 RESOLVED Certificate Problem Report Opened 2019-03-12 · Closed 2023-02-22 · 61% similar
QuoVadis / Siemens: Insufficient serial number entropy
AI Summary CA Owner
#1593357 RESOLVED Certificate Problem Report Opened 2019-11-01 · Closed 2023-02-22 · 59% similar
QuoVadis: Incorrect EV businessCategory
AI Summary CA Owner
#1586792 RESOLVED Certificate Problem Report Opened 2019-10-07 · Closed 2023-02-22 · 59% similar
QuoVadis: Issuance of intermediates after 2019-01-01 that do not comply with Mozilla Policy or the BRs
AI Summary CA Owner
#1599916 RESOLVED Certificate Problem Report Opened 2019-11-27 · Closed 2023-02-22 · 58% similar
QuoVadis: Unconstrained CAs revocation
AI Summary CA Owner
#1524879 RESOLVED Certificate Problem Report Opened 2019-02-03 · Closed 2023-02-22 · 58% similar
QuoVadis: IP in dnsName
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action