← Telia Company cases
Bugzilla #1637854
Certificate Problem Report
Telia: AIA CA Issuer field pointing to PEM encoded cert
RESOLVED
FIXED
Telia Company
AI Summary
Telia Company identified an issue where the AIA CA Issuer field in their certificates pointed to PEM encoded files instead of the required DER format. This was discovered on May 11, 2020, following a user report. The CA took immediate action, confirming the issue and replacing the affected certificates by May 13, 2020. Importantly, no end entity certificates were misissued, and the problem was resolved without requiring revocation. Telia has since implemented new monitoring solutions to prevent similar issues in the future.
Chronology
- Notification received about AIA CA Issuer field issue.
- Investigation confirmed the issue and resolution began.
- All affected CA certificate files replaced with DER encoded versions.
- New AIA link monitoring solutions implemented.
Participants
pekka.lahtiharju@teliasonera.com
ryan.sleevi@gmail.com
External References
Similar Local Cases
Telia: Invalid email contact address was used for few domains
Telia: Two Intermediate CA certificates not listed in audit report
Telia: Issued three precertificates with non-NIST EC curve
Telia: Certificates with RSA keys where modulus is not divisible by 8
Telia: Delayed revocation of 5 EE certificates in connection to id=1736020
Telia: Inccorrect CRL URL on a Root CA record in CCADB
Telia: Disallowed curve (P-521) in leaf certificate
Telia: Delayed revocation of seven (7) certificates related to incident 1896108