← SwissSign AG cases
Bugzilla #1551364 Certificate Misissuance

SwissSign: "Some-State" in stateOrProvinceName

RESOLVED FIXED SwissSign AG
AI Summary

SwissSign AG reported a misissuance of a certificate containing 'Some-State' in the stateOrProvinceName field, which is a default value in OpenSSL CSRs and was not validated. This misissuance violated BR section 7.1.4.2.2(f), which requires the field to contain verified state or province information. The issue was identified on May 13, 2019, and the certificate was revoked within 24 hours. SwissSign has since improved their RAO checklists and conducted additional training to prevent future occurrences.

Model: gpt-4o-mini Generated: 2026-06-13 18:13 UTC Confidence: 0.90
Chronology
  1. SwissSign became aware of the misissuance via a post in mozilla.dev.security.policy.
  2. Certificate was revoked and an incident report was published.
Participants
Wayne Thayer Timo Schmitt Ryan Sleevi
External References
Original Bugzilla Case bugzilla.mozilla.org
Similar Local Cases
#1613334 RESOLVED Certificate Misissuance Opened 2020-02-05 · Closed 2023-02-22 · 67% similar
SwissSign: Misissuance with mispellings in Location for a number of Certificates
AI Summary CA Owner
#1428877 RESOLVED Certificate Misissuance Opened 2018-01-08 · Closed 2023-02-22 · 66% similar
SwissSign: Invalid DNSName in SAN
AI Summary CA Owner
#1569651 RESOLVED Certificate Misissuance Opened 2019-07-29 · Closed 2023-02-22 · 65% similar
SwissSign: Misissuance of Leaf Certificates because of incorrect postcode
AI Summary CA Owner
#1551375 RESOLVED Certificate Misissuance Opened 2019-05-14 · Closed 2023-02-22 · 61% similar
certSIGN: "Some-State" in stateOrProvinceName
AI Summary CA Owner
#1551363 RESOLVED Certificate Misissuance Opened 2019-05-14 · Closed 2023-02-22 · 61% similar
DigiCert: "Some-State" in stateOrProvinceName
AI Summary CA Owner
#1551372 RESOLVED Certificate Misissuance Opened 2019-05-14 · Closed 2023-02-22 · 60% similar
Telia: "Some-State" in stateOrProvinceName
AI Summary CA Owner
#1443731 RESOLVED Certificate Misissuance Opened 2018-03-07 · Closed 2023-02-22 · 59% similar
SwissSign: Cert issued with a to long validity period
AI Summary CA Owner
#1520299 RESOLVED Certificate Misissuance Opened 2019-01-15 · Closed 2023-02-22 · 58% similar
Hongkong Post / Certizen: Failure to report misissuance
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action