← Certigna cases
Bugzilla #1667744
Certificate Misissuance
Dhimyotis / Certigna: Certificates issued with validity periods greater than 398-days
RESOLVED
FIXED
Certigna
AI Summary
Certigna issued certificates with validity periods exceeding the maximum allowed duration of 398 days due to a configuration error. This issue was identified shortly after the new rules took effect on September 1, 2020. Certigna acknowledged the mistake and promptly updated their certificate generation service to ensure compliance. They have since revoked all affected certificates and implemented measures to prevent future occurrences. The incident was resolved with all problematic certificates being revoked by October 26, 2020.
Chronology
- Issue reported regarding certificates exceeding validity period.
- Certigna confirmed the configuration error and began revocation process.
- All affected certificates were revoked.
Participants
Rob Stradling
Josselin Allemandou
R. Delval
Ryan Sleevi
B. Wilson
External References
Similar Local Cases
Certigna: TLS certificates with Basic constraint non-critical
Certigna: certificates issued with 2 SCT
Microsec: Certificate validity period greater than 398 days
GlobalSign: RSA-1024 leaf certificate issued after 2013-12-31
Entrust: Subscriber provides private key with CSR
NetLock: Issuance of >398-day precertificates after 2020-09-01
Entrust: Certificate issued with validity greater than 825-days
Certigna: Issuance without respecting CAA records