← IdenTrust Services, LLC cases
Bugzilla #1526099
Certificate Problem Report
IdenTrust: Discrepancy in values of address fields within CN of SSL Certificates
RESOLVED
FIXED
IdenTrust Services, LLC
AI Summary
IdenTrust identified a discrepancy in the address fields of 12 SSL certificates during an internal review on February 4, 2019. The issue arose from a specific renewal process that incorrectly updated the certificate data. All affected certificates were revoked within four days, and the CA ceased issuing certificates with this issue immediately. A procedural fix was implemented on February 5, 2019, to ensure that only the organization's main address is used in future renewals. A root cause analysis was conducted, confirming that the misconfiguration had been in place since before the Baseline Requirements v1.0.
Chronology
- Discrepancy discovered during internal review
- Procedural fix implemented to prevent future discrepancies
- Root Cause Analysis Report completed
- Remediation confirmed complete
Participants
IdenTrust
W. Thayer
External References
Similar Local Cases
IdenTrust: EV TLS certificate with wrong jurisdiction state for private organization
IdenTrust: Invalid OrganizationIdentifier in S/MIME certificates
IdenTrust: Expired CRLs
IdenTrust: Pre-certificates without a final certificate showing OCSP error
IdenTrust: Certificates with Invalid values for stateOrProvinceName
IdenTrust: S/MIME certificates issued in violation of New S/MIME Baseline Requirements v1.0
IdenTrust: duplicate Certificate in error flagged by OCSP Watch
IdenTrust: Failure to provide OCSP responses for valid ICA certificates