← SwissSign AG cases
Bugzilla #1662137
Certificate Problem Report
SwissSign: OCSP responder unreachable
RESOLVED
FIXED
SwissSign AG
AI Summary
SwissSign AG reported an issue with their OCSP responder being unreachable, initially detected on August 31, 2020. The problem stemmed from a misconfiguration in their BGP settings, which was compounded by a massive DDoS attack. After several attempts to restore service, including hardware failures and subsequent fixes, the OCSP service was stabilized with the implementation of additional DDoS protection. The case was resolved with the acknowledgment that the OCSP service is now stable and operational.
Chronology
- OCSP service detected as down
- Confirmed DDoS attack and implemented protective measures
- OCSP service up but unstable due to ongoing attacks
- Additional DDoS protection implemented
- Service confirmed stable with no significant impact from attacks
Participants
Mike Guenther
bwilson@mozilla.com
External References
Similar Local Cases
SwissSign: failure to provide a preliminary report within 24 hours
SwissSign: CP/CPS certificate profile issue
SwissSign: Failure to provide a preliminary report within 24 hours.
SwissSign: duplicate serial number
SwissSign: Invalid stateOrProvinceName field
SwissSign: duplicate serial number
SwissSign: 'c/o' in streetAddress of EV certificate
SwissSign: Error in OrganisationIdentifier in signature/seal certificate