← GlobalSign nv-sa cases
Bugzilla #1623356 Certificate Misissuance

GlobalSign: Misissuance of QWAC Certificates

RESOLVED FIXED GlobalSign nv-sa
AI Summary

GlobalSign reported the misissuance of four QWAC certificates, three of which were found to be non-compliant. Issues included improper content in the Organization Identifier and missing required extensions. The CA has temporarily halted the issuance of QWAC certificates until validation agents are retrained and system patches are applied. A comprehensive incident report was created, detailing the timeline of events and corrective actions taken, including the implementation of a new internal format validator to prevent future occurrences.

Model: gpt-4o-mini Generated: 2026-06-13 21:18 UTC Confidence: 0.90
Chronology
  1. First non-compliant certificate issued
  2. First non-compliant certificate revoked
  3. Second non-compliant certificate issued
  4. Second non-compliant certificate revoked
  5. Third non-compliant certificate issued
  6. Third non-compliant certificate revoked
  7. Internal format validator created
Participants
douglas.beattie@gmail.com ryan.sleevi@gmail.com eva.vansteenberge@globalsign.com bwilson@mozilla.com
External References
Original Bugzilla Case crt.sh crt.sh crt.sh crt.sh www.etsi.org
Similar Local Cases
#1552586 RESOLVED Certificate Misissuance Opened 2019-05-17 · Closed 2023-02-22 · 65% similar
GlobalSign: 4 Misissued certificates with invalid CN
AI Summary CA Owner
#1547691 RESOLVED Certificate Misissuance Opened 2019-04-29 · Closed 2023-02-22 · 64% similar
GlobalSign: AT&T SSL certificates without the AIA extension
AI Summary CA Owner
#1736064 RESOLVED Certificate Misissuance Opened 2021-10-15 · Closed 2023-02-22 · 57% similar
Sectigo: Subject field with unvalidated information included in certificates
AI Summary CA Owner
#1678720 RESOLVED Certificate Misissuance Opened 2020-11-20 · Closed 2023-02-22 · 56% similar
SSL.com: Wildcard DV certificate issued with a non-validated domain name
AI Summary CA Owner
#1662382 RESOLVED Certificate Misissuance Opened 2020-09-01 · Closed 2023-02-22 · 55% similar
GDCA: Incorrect Value in organizationName Field
AI Summary CA Owner
#1724520 RESOLVED Certificate Misissuance Opened 2021-08-06 · Closed 2023-02-22 · 55% similar
SSL.com: Incorrect Domain Validation for 1 TLS certificate with FQDN having "www." string within domain labels
AI Summary CA Owner
#1674886 RESOLVED Certificate Misissuance Opened 2020-11-02 · Closed 2023-02-22 · 54% similar
certSIGN: misissued an OV SSL certificate with no organizationName and localityName, instead of a DV SSL as requested by client
AI Summary CA Owner
#1711432 RESOLVED Certificate Misissuance Opened 2021-05-17 · Closed 2023-02-22 · 54% similar
Telekom Security: Certificate with invalid FQDN
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action