← Microsoft Corporation cases
Bugzilla #1620727 Certificate Problem Report

Microsoft DSRE PKI: OCSP responders found to respond signed by the default CA when passed an invalid issuer in request

RESOLVED DUPLICATE Microsoft Corporation
AI Summary

Microsoft's OCSP responder was found to incorrectly respond with a certificate signed by the default OCSP responder when an invalid serial number was requested. The issue was reported by a security researcher and subsequently investigated by Microsoft and their OCSP service provider, GlobalSign. It was confirmed that no non-compliant certificates were issued, and a fix was implemented promptly. The case was marked as a duplicate of another Bugzilla report that tracked the issue.

Model: gpt-4o-mini Generated: 2026-06-13 21:11 UTC Confidence: 1.00
Chronology
  1. CA team notified of the issue by email
  2. OCSP fix implemented for all GlobalSign production instances
Participants
Julio Montano wthayer@fastly.com
External References
Original Bugzilla Case bugzilla.mozilla.org bugzilla.mozilla.org
Related Bugzilla IDs Mentioned
#1604124 #1605372
Similar Local Cases
#1598390 RESOLVED Certificate Problem Report Opened 2019-11-21 · Closed 2024-05-09 · 57% similar
Microsoft PKI Services: Null Character Bug and Microsoft Root CAs
AI Summary CA Owner
#1602999 RESOLVED Certificate Problem Report Opened 2019-12-11 · Closed 2024-05-09 · 57% similar
Microsoft PKI Services: Loss of Archived Firewall logs from Retention Store
AI Summary CA Owner
#1604124 RESOLVED Certificate Problem Report Opened 2019-12-16 · Closed 2023-02-22 · 57% similar
Microsoft DSRE PKI: problem reporting e-mail in CPS does not work
AI Summary CA Owner
#1605372 RESOLVED Certificate Problem Report Opened 2019-12-20 · Closed 2023-02-22 · 57% similar
GlobalSign: OCSP responders found to respond signed by the default CA when passed an invalid issuer in request
AI Summary CA Owner
#1711147 RESOLVED Certificate Problem Report Opened 2021-05-13 · Closed 2023-02-22 · 50% similar
Microsoft PKI Services: Malformed ICAs (missing certificate policy extensions)
AI Summary CA Owner
#1421820 RESOLVED Certificate Problem Report Opened 2017-11-29 · Closed 2022-11-14 · 50% similar
Microsoft DSRE PKI: Microsoft shares wildcard certificates among cloud instances
AI Summary CA Owner
#1879552 RESOLVED Certificate Problem Report Opened 2024-02-09 · Closed 2024-03-29 · 49% similar
Microsoft PKI Services: OCSP Responder does not know a Certificate
AI Summary CA Owner
#1534429 RESOLVED Certificate Problem Report Opened 2019-03-11 · Closed 2023-02-22 · 49% similar
Camerfirma: Multicert SSL CA 001: Insufficient serial number entropy
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action