← DigiCert cases
Bugzilla #1483715
Certificate Problem Report
DigiCert: improper use of domain validation method
RESOLVED
DigiCert
AI Summary
DigiCert faced an issue with improper domain validation methods that affected approximately 2,500 certificates. The problem was identified after a customer inquired about the validation process, leading to an internal investigation. It was discovered that some validations did not comply with the updated standards, prompting DigiCert to halt issuance based on the flawed process. The company has since revalidated all affected certificates and implemented measures to prevent future occurrences.
Chronology
- Customer inquiry triggered investigation
- DigiCert stopped all issuance based on the flawed validation process
- All affected certificates revalidated and approved
Participants
Jeremy Rowley
External References
Similar Local Cases
DigiCert: Issuance of certs with weak keys (ROCA)
DigiCert: Truncation of Registration Number
DigiCert: Failure to find and revoke key-compromised certificates within 24 hours
DigiCert: BR 3.2.5 Validation of Authority Failure for OV Certs
DigiCert: Org information issue in new validation workflow
DigiCert: Non-BR Compliant Certificates - missing CP/CPS OID
DigiCert: ECCE 001 issuing certificates without subject alternative name extension
DigiCert: Underscores - Canadian Imperial Bank of Commerce