← SSL.com cases
Bugzilla #1534147 Certificate Problem Report

SSL.com: Insufficient serial number entropy

RESOLVED FIXED SSL.com
AI Summary

SSL.com identified an issue with insufficient entropy in the serial number generation of their certificates, which was linked to their use of EJBCA. Following discussions in the mozilla.dev.security.policy forum, SSL.com initiated a review and confirmed the issue on March 5, 2019. They promptly deployed a patch and resumed certificate issuance with corrected serial number generation. Affected certificates were revoked, and a comprehensive remediation plan was implemented to prevent future occurrences.

Model: gpt-4o-mini Generated: 2026-06-13 18:06 UTC Confidence: 0.95
Chronology
  1. Ballot 164 on Certificate Serial Number Entropy is voted.
  2. Ballot 164 enters into effect.
  3. Initial review initiated and issue confirmed.
  4. Plan for revocation of affected certificates initiated.
  5. Revocation of affected TLS end-entity certificates completed.
Participants
Wayne Thayer Fotis Loukos
External References
Original Bugzilla Case
Similar Local Cases
#1620772 RESOLVED Certificate Problem Report Opened 2020-03-07 · Closed 2023-02-22 · 58% similar
SSL.com: Issued precertificate with Debian Weak Key
AI Summary CA Owner
#1532399 RESOLVED Certificate Problem Report Opened 2019-03-04 · Closed 2023-02-22 · 55% similar
TrustCor: Insufficient Serial Number Entropy
AI Summary CA Owner
#1938236 RESOLVED Certificate Problem Report Opened 2024-12-18 · Closed 2025-02-28 · 53% similar
SSL.com: Failure to process CAA records from one SubCA
AI Summary CA Owner
#1533774 RESOLVED Certificate Problem Report Opened 2019-03-08 · Closed 2023-02-22 · 53% similar
GoDaddy: Insufficient serial number entropy
AI Summary CA Owner
#1927532 RESOLVED Certificate Problem Report Opened 2024-10-28 · Closed 2025-08-26 · 52% similar
SSL.com: Issuance of certificates using keys previously reported as compromised
AI Summary CA Owner
#1539307 RESOLVED Certificate Problem Report Opened 2019-03-27 · Closed 2023-02-22 · 52% similar
Buypass: Insufficient Serial Number Entropy
AI Summary CA Owner
#1535873 RESOLVED Certificate Problem Report Opened 2019-03-16 · Closed 2023-02-22 · 52% similar
GlobalSign: AT&T Insufficient Serial Number Entropy
AI Summary CA Owner
#1390988 RESOLVED Certificate Problem Report Opened 2017-08-16 · Closed 2023-02-22 · 52% similar
Consorci AOC: Non-BR-Compliant Certificate Issuance
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action