← TrustCor Systems cases
Bugzilla #1568356
Certificate Misissuance
TrustCor: Incorrect CA-Issuers URI
RESOLVED
FIXED
TrustCor Systems
AI Summary
TrustCor Systems identified an issue with two certificates containing an incorrect CA-Issuers URI during their post-issuance CT log monitoring. The problem was promptly addressed by suspending certificate issuance, revoking the affected certificates, and correcting the internal certificate profile. TrustCor implemented software improvements to prevent similar mis-issuances in the future. The case was resolved with no further community concerns raised.
Chronology
- TrustCor becomes aware of the issue and suspends certificate issuance.
- Revocation of the affected certificates completed.
- Emergency Change Order completed to correct profile values.
- TrustCor concludes that remediations are sufficient after no further community input.
Participants
Wayne Thayer
Neil Dunbar
External References
Similar Local Cases
QuoVadis: Certificate containing Debian weak key
DigiCert: Internal Domain Name cert mis-issuance
IdenTrust: Improper encoding of wildcard certificate
Asseco DS / Certum: Non-BR-Compliant Issuance - Debian Weak Keys
DigiCert: Domain validation skipped
Telia: "Some-State" in stateOrProvinceName
SwissSign: Invalid DNSName in SAN
GoDaddy: Random Value Vulnerability in Domain Validation Method