← certSIGN cases
Bugzilla #1551375 Certificate Misissuance

certSIGN: "Some-State" in stateOrProvinceName

RESOLVED FIXED certSIGN
AI Summary

certSIGN issued a certificate with a stateOrProvinceName of "Some-State", a default value in OpenSSL CSRs, indicating a lack of validation. The certificate was revoked the day after its discovery on May 11, 2019. An incident report was requested, detailing the timeline of events and the measures taken to prevent future occurrences. certSIGN acknowledged the issue and implemented technical controls to check for default values in the stateOrProvinceName field. The incident highlighted the need for improved validation processes within the CA's operations.

Model: gpt-4o-mini Generated: 2026-06-13 18:13 UTC Confidence: 0.90
Chronology
  1. Problem reported via email; certificate identified and revoked.
  2. Bug raised on Bugzilla regarding the issue.
  3. Incident report submitted by certSIGN.
  4. Update to CSR checker deployed to production.
Participants
Wayne Thayer Cristian Garabet Ryan Sleevi
External References
Original Bugzilla Case misissued.com wiki.mozilla.org
Similar Local Cases
#1551363 RESOLVED Certificate Misissuance Opened 2019-05-14 · Closed 2023-02-22 · 63% similar
DigiCert: "Some-State" in stateOrProvinceName
AI Summary CA Owner
#1563574 RESOLVED Certificate Misissuance Opened 2019-07-04 · Closed 2023-02-22 · 61% similar
SECOM: Failure to disclose Unconstrained Intermediate within 7 Days
AI Summary CA Owner
#1551364 RESOLVED Certificate Misissuance Opened 2019-05-14 · Closed 2023-02-22 · 61% similar
SwissSign: "Some-State" in stateOrProvinceName
AI Summary CA Owner
#1548714 RESOLVED Certificate Misissuance Opened 2019-05-02 · Closed 2023-02-22 · 59% similar
SECOM: "Default City" in Subject:localityName
AI Summary CA Owner
#1462423 RESOLVED Certificate Misissuance Opened 2018-05-17 · Closed 2023-02-22 · 59% similar
NetLock: CN not in SAN
AI Summary CA Owner
#1582601 RESOLVED Certificate Misissuance Opened 2019-09-20 · Closed 2023-02-22 · 58% similar
E-Tugra: Invalid DER results in failure to comply with RFC 5280 - Violating string length limit
AI Summary CA Owner
#1551372 RESOLVED Certificate Misissuance Opened 2019-05-14 · Closed 2023-02-22 · 58% similar
Telia: "Some-State" in stateOrProvinceName
AI Summary CA Owner
#1551369 RESOLVED Certificate Misissuance Opened 2019-05-14 · Closed 2023-02-22 · 58% similar
Kamu SM: "Some-State" in stateOrProvinceName
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action