← Government of Spain, Fábrica Nacional de Moneda y Timbre (FNMT) cases
Bugzilla #1495507 Certificate Misissuance

FNMT: OU exceeds 64 characters

RESOLVED FIXED Government of Spain, Fábrica Nacional de Moneda y Timbre (FNMT)
AI Summary

The Government of Spain's CA, FNMT, misissued 103 certificates with an Organizational Unit (OU) field exceeding the maximum length of 64 characters. The issue was identified on October 1, 2018, and an incident report was requested. FNMT took immediate action, including stopping the issuance of such certificates and developing automated validation controls. By October 26, 2018, they had implemented measures to prevent future occurrences and added the misissued certificates to Certificate Transparency logs. The case has been resolved with all necessary updates completed.

Model: gpt-4o-mini Generated: 2026-06-13 17:54 UTC Confidence: 1.00
Chronology
  1. Issue identified and incident report requested.
  2. Investigation confirmed misissued certificates.
  3. Automated validation control implemented.
  4. Production environment upgraded with new validation component.
Participants
Wayne Thayer Rafa Medina
External References
Original Bugzilla Case crt.sh wiki.mozilla.org
Similar Local Cases
#1922906 RESOLVED Certificate Misissuance Opened 2024-10-05 · Closed 2025-02-12 · 52% similar
FNMT: LDAP URI in CRL Distribution Points Extension
AI Summary CA Owner
#1696872 RESOLVED Certificate Misissuance Opened 2021-03-08 · Closed 2025-03-20 · 51% similar
FNMT: Missisuance of web site certificates without CA/Browser Forum’s reserved policy OID
AI Summary CA Owner
#1551363 RESOLVED Certificate Misissuance Opened 2019-05-14 · Closed 2023-02-22 · 51% similar
DigiCert: "Some-State" in stateOrProvinceName
AI Summary CA Owner
#1462423 RESOLVED Certificate Misissuance Opened 2018-05-17 · Closed 2023-02-22 · 51% similar
NetLock: CN not in SAN
AI Summary CA Owner
#1462844 RESOLVED Certificate Misissuance Opened 2018-05-19 · Closed 2023-02-22 · 51% similar
GoDaddy: Improper DER results in failure to comply with RFC 5280 - Invalid characters in PrintableString
AI Summary CA Owner
#1481862 RESOLVED Certificate Misissuance Opened 2018-08-08 · Closed 2023-02-22 · 51% similar
Camerfirma: MULTICERT organizationName Too Long
AI Summary CA Owner
#2012326 RESOLVED Certificate Misissuance Opened 2026-01-25 · Closed 2026-02-27 · 50% similar
FNMT: Issuance of certificate using keys previously reported as compromised
AI Summary CA Owner
#1446121 RESOLVED Certificate Misissuance Opened 2018-03-15 · Closed 2023-02-22 · 50% similar
IdenTrust: Improper encoding of wildcard certificate
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action