DigiCert: Malformed ICA

DigiCert reported a significant incident involving the issuance of intermediate CA certificates that did not comply with Mozilla's baseline requirements. The issue was identified during a post-issuance review, revealing that several ICAs lacked necessary extensions and contained improper profiles. Following the discovery, DigiCert halted all new certificate ceremonies until automation improvements were implemented to prevent future occurrences.

1. 2020-07-24 Incident reported and initial investigation began.
2. 2020-07-27 Additional checks and improvements to ICA process discussed.
3. 2020-08-10 Updated incident report requested.
4. 2020-12-09 Public Key Ceremony completed with new automation tool.