← China Financial Certification Authority (CFCA) cases
Bugzilla #1524733 Certificate Problem Report

CFCA: invalid dnsNames

RESOLVED FIXED China Financial Certification Authority (CFCA)
AI Summary

The China Financial Certification Authority (CFCA) issued two certificates with invalid dnsNames, which were reported by Jonathan Rudenberg. Upon notification, CFCA revoked both certificates on the same day. The incident highlighted a lack of a 'Hard fail' detection mechanism, leading to reliance on manual reviews. CFCA has since implemented system updates and training to prevent future misissuance, including automated checks for compliance with standards.

Model: gpt-4o-mini Generated: 2026-06-13 18:01 UTC Confidence: 0.90
Chronology
  1. CFCA received reports of invalid dnsNames.
  2. CFCA revoked the problematic certificates.
  3. CFCA implemented a 'Hard fail' detection mechanism.
  4. CFCA completed internal training on BR requirements.
  5. CFCA submitted a final report on the incident.
Participants
Jonathan Rudenberg Jonathan Sun Wayne Thayer Ryan Sleevi
External References
Original Bugzilla Case crt.sh crt.sh
Similar Local Cases
#1532559 RESOLVED Certificate Problem Report Opened 2019-03-05 · Closed 2023-02-22 · 78% similar
CFCA: Wrong SerialNumber encoding
AI Summary CA Owner
#1532429 RESOLVED Certificate Problem Report Opened 2019-03-04 · Closed 2023-02-22 · 78% similar
CFCA: Invalid TLD in SAN
AI Summary CA Owner
#1524143 RESOLVED Certificate Problem Report Opened 2019-01-31 · Closed 2023-02-22 · 78% similar
CFCA: Internal iPAddress in certificate
AI Summary CA Owner
#1532113 RESOLVED Certificate Problem Report Opened 2019-03-03 · Closed 2023-02-22 · 69% similar
CFCA: O > 64 characters
AI Summary CA Owner
#1524815 RESOLVED Certificate Problem Report Opened 2019-02-03 · Closed 2023-02-22 · 64% similar
GoDaddy: failure to revoke underscores
AI Summary CA Owner
#1608333 RESOLVED Certificate Problem Report Opened 2020-01-10 · Closed 2023-02-22 · 60% similar
CFCA: Wrong OrganizationName
AI Summary CA Owner
#1551362 RESOLVED Certificate Problem Report Opened 2019-05-14 · Closed 2023-02-22 · 58% similar
Sectigo: "Some-State" in stateOrProvinceName
AI Summary CA Owner
#1532399 RESOLVED Certificate Problem Report Opened 2019-03-04 · Closed 2023-02-22 · 58% similar
TrustCor: Insufficient Serial Number Entropy
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action