← Netlock cases
Bugzilla #1676367
Certificate Misissuance
NetLock: Issuance of >398-day precertificates after 2020-09-01
RESOLVED
FIXED
Netlock
AI Summary
NetLock faced an issue with the issuance of precertificates exceeding 398 days, which was identified after a validation review. The problem arose from a configuration error in their DV system that allowed the issuance of longer certificates before the new rule was enforced. Following the discovery, NetLock took immediate action to disable the issuance of such certificates and implemented new test cases to prevent recurrence. The case has been resolved, with no further issuance of problematic certificates.
Chronology
- Configuration set to allow 2-year certificates.
- New rule limiting certificates to 398 days lifted.
- Disabled issuance of >398-day SSL certificates.
Participants
Rob Stradling
Varga Viktor
Ben Wilson
Ryan Sleevi
External References
Similar Local Cases
NetLock: Non-BR-Compliant Certificate Issuance
NetLock: CN not in SAN
Sectigo: Invalid stateOrProvinceName
Dhimyotis / Certigna: Certificates issued with validity periods greater than 398-days
eMudhra: emSign CA ECC Test Certificate Misissuance
IdenTrust: Validation Source for EV Certificates not Publicly Disclosed
Izenpe: certificate issued to internal domain
Sectigo: Incorrect JOI for federal credit unions