← Entrust cases
Bugzilla #1667448 Certificate Problem Report

Entrust: Incorrect keyUsage for ECC certificate

RESOLVED FIXED Entrust
AI Summary

Entrust identified an issue where an ECC SSL certificate was incorrectly issued with a keyUsage value of keyEncipherment, contrary to RFC 5480 requirements. The problem was discovered on September 25, 2020, during a compliance check using post-issuance linting software. Following the discovery, the affected certificate was revoked, and an investigation was initiated to determine the cause. The root of the issue was traced back to a bug in the enrollment software that allowed an ECC key request to be processed by a CA configured for RSA keys. Entrust has since updated its linting software to prevent future occurrences.

Model: gpt-4o-mini Generated: 2026-06-13 21:24 UTC Confidence: 0.90
Chronology
  1. Entrust compliance team discovered the incorrect keyUsage during a routine check.
  2. Certificate with incorrect keyUsage was issued and subsequently revoked.
  3. Entrust updated its pre-issuance linting software to prevent future misissuance.
Participants
Bruce Morton Ryan Sleevi
External References
Original Bugzilla Case crt.sh
Similar Local Cases
#1744827 RESOLVED Certificate Problem Report Opened 2021-12-07 · Closed 2024-03-08 · 72% similar
Entrust: SSL Certificates issued with Un-verified IP Addresses
AI Summary CA Owner
#1448986 RESOLVED Certificate Problem Report Opened 2018-03-26 · Closed 2023-02-22 · 70% similar
Entrust: IP Address in dNSName form
AI Summary CA Owner
#1635096 RESOLVED Certificate Problem Report Opened 2020-05-04 · Closed 2023-02-22 · 70% similar
Entrust: Printable String Constraint Failure
AI Summary CA Owner
#1512018 RESOLVED Certificate Problem Report Opened 2018-12-04 · Closed 2023-02-22 · 69% similar
Entrust: Certificate issued with '-' in ST field
AI Summary CA Owner
#1627346 RESOLVED Certificate Problem Report Opened 2020-04-03 · Closed 2023-02-22 · 69% similar
Entrust: S/MIME Certificate Issued with Incorrect Policy OID
AI Summary CA Owner
#1636339 RESOLVED Certificate Problem Report Opened 2020-05-08 · Closed 2023-02-22 · 69% similar
Entrust: Failure to revoke a certificate
AI Summary CA Owner
#1521520 RESOLVED Certificate Problem Report Opened 2019-01-21 · Closed 2023-02-22 · 66% similar
Entrust: Late revocation of underscore certificate
AI Summary CA Owner
#1748634 RESOLVED Certificate Problem Report Opened 2022-01-05 · Closed 2023-02-22 · 65% similar
Entrust: Late Revocation for SSL Certificates issued with Un-verified IP Addresses
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action