← Global Digital Cybersecurity Authority Co., Ltd. (Formerly Guang Dong Certificate Authority (GDCA)) cases
Bugzilla #1536831 Certificate Problem Report

GDCA: Insufficient Serial Number Entropy

RESOLVED FIXED Global Digital Cybersecurity Authority Co., Ltd. (Formerly Guang Dong Certificate Authority (GDCA))
AI Summary

Global Digital Cybersecurity Authority (GDCA) identified an issue with insufficient serial number entropy in SSL/TLS certificates issued between September 30, 2016, and December 1, 2017. Following discussions on mozilla.dev.security.policy, GDCA conducted a self-assessment and confirmed that 283 certificates were affected. They successfully revoked 14 valid certificates and updated their issuance system to prevent future occurrences. The issue has been resolved, and all affected certificates are now either revoked or expired.

Model: gpt-4o-mini Generated: 2026-06-13 18:09 UTC Confidence: 0.95
Chronology
  1. GDCA noticed discussions about insufficient serial number entropy.
  2. GDCA confirmed issuance of 283 affected certificates.
  3. GDCA began revocation procedures for affected certificates.
  4. GDCA completed revocation of all affected certificates.
Participants
capoc@gdca.com.cn ryan.sleevi@gmail.com wthayer@fastly.com
External References
Original Bugzilla Case crt.sh crt.sh crt.sh crt.sh crt.sh crt.sh
Similar Local Cases
#1540961 RESOLVED Certificate Problem Report Opened 2019-04-02 · Closed 2023-02-22 · 60% similar
Atos: Insufficient Serial Number Entropy
AI Summary CA Owner
#1538638 RESOLVED Certificate Problem Report Opened 2019-03-25 · Closed 2023-02-22 · 60% similar
Firmaprofesional: AC Firmaprofesional - INFRAESTRUCTURA insufficient serial number entropy
AI Summary CA Owner
#1534429 RESOLVED Certificate Problem Report Opened 2019-03-11 · Closed 2023-02-22 · 60% similar
Camerfirma: Multicert SSL CA 001: Insufficient serial number entropy
AI Summary CA Owner
#1534429 RESOLVED Certificate Problem Report Opened 2019-03-11 · Closed 2023-02-22 · 59% similar
Camerfirma: Multicert SSL CA 001: Insufficient serial number entropy
AI Summary CA Owner
#1610303 RESOLVED Certificate Problem Report Opened 2020-01-20 · Closed 2023-02-22 · 58% similar
D-TRUST: Issuance of non-conformant SSL certificate
AI Summary CA Owner
#1554259 RESOLVED Certificate Problem Report Opened 2019-05-24 · Closed 2023-02-22 · 58% similar
GlobalSign: SPKI lacks explicit NULL parameter,
AI Summary CA Owner
#1579509 RESOLVED Certificate Problem Report Opened 2019-09-06 · Closed 2022-11-14 · 56% similar
SSL.com: Precertificates without corresponding certificates return OCSP value of "Unknown"
AI Summary CA Owner
#1579413 RESOLVED Certificate Problem Report Opened 2019-09-06 · Closed 2022-11-14 · 55% similar
GlobalSign: OCSP Responder Returns invalid values for Some Precertificates
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action