← Entrust cases
Bugzilla #1552562
Certificate Misissuance
Entrust: Question marks in certificate O and L fields
RESOLVED
FIXED
Entrust
AI Summary
Entrust issued an SSL certificate with question marks in the Organization (O) and Locality (L) fields instead of the expected Unicode characters. The issue was traced back to a bug in the data handling process where verified Unicode data was incorrectly copied as ASCII, resulting in the loss of character integrity. Although the certificate was revoked and a patch was deployed, Entrust acknowledged a lack of transparency in reporting the misissuance. They have since implemented additional monitoring and testing procedures to prevent similar issues in the future.
Chronology
- Certificate issued
- Miss-issue certificate discovered
- Certificate revoked
- Patch deployed
Participants
Bruce Morton
Ryan Sleevi
Wayne Thayer
External References
Similar Local Cases
Entrust: SHA-1 Issuance and other misissuance while testing
Entrust: Certificate issued with validity greater than 825-days
Entrust: Subscriber provides private key with CSR
Entrust: Late mis-issue certificate revocation
Entrust: Issued Certificates to incorrect Organization
Entrust: SHA-256 hash algorithm used with ECC P-384 key
Entrust: IP in dnsName
Entrust: Jurisdiction Locality Wrong in EV Certificate