← SSL.com cases
Bugzilla #1610000
CCADB Compliance
SSL.com: Intermediate certificate not listed in audit reports
RESOLVED
FIXED
SSL.com
AI Summary
SSL.com identified an issue where an intermediate certificate was not included in their audit reports. This was discovered through an ALV flag in CCADB, prompting an investigation that revealed the problem stemmed from an unsubmitted root certificate. The CA took steps to address the issue, including consulting with external auditors and updating their audit reports. The matter was resolved with the completion of an audit case, confirming compliance with Mozilla's policies.
Chronology
- Initial investigation into ALV flag
- Conferred with external auditors regarding options
- Incident filed (this bug)
- Audit case completed, resolving the ALV issue
- Confirmation of issue resolution via updated audit statement
Participants
secauditor@ssl.com
wthayer@fastly.com
External References
Similar Local Cases
IdenTrust: Missing Thumbprints for Intermediate CA certificates In Some Annual Audit Reports
Firmaprofesional: 2019 audit Finding #2 - 6.4 Facility, management, and operational controls
Amazon Trust Services: ALV Errors
Sectigo: CCADB failed ALV - Network Solutions Certificate Authority
Amazon Trust Services: Overdue audit statements for intermediate certificates
DigiCert: Issues with CCADB entries
TWCA: Intermediate CA Certificate Missing from Audit Reports
SwissSign: Audit Letter Validation failures on intermediate certificates