← IdenTrust Services, LLC cases
Bugzilla #1678410 Certificate Problem Report

IdenTrust: Invalid OCSP Response Held in Cache

RESOLVED FIXED IdenTrust Services, LLC
AI Summary

IdenTrust experienced an issue where an invalid OCSP response was held in cache after deploying a new OCSP signing certificate. This led to validation errors for some relying parties of Let's Encrypt subordinate CAs cross-signed by DST Root CA X3. The problem was identified on October 16, 2020, when connectivity alerts were triggered due to excessive traffic overload, resulting in a temporary outage. The cache issue persisted until the old responses expired, which could have affected clients during that time. IdenTrust has since implemented remediation steps to prevent recurrence.

Model: gpt-4o-mini Generated: 2026-06-13 21:13 UTC Confidence: 0.90
Chronology
  1. New OCSP response signed, old response cached
  2. Delegated OCSP signing certificate expired
  3. Connectivity alert issued
Participants
IdenTrust
External References
Original Bugzilla Case
Similar Local Cases
#2004492 RESOLVED Certificate Problem Report Opened 2025-12-05 · Closed 2026-02-05 · 60% similar
IdenTrust: CA Certificate not published in DER Encoded Format
AI Summary CA Owner
#1838315 RESOLVED Certificate Problem Report Opened 2023-06-13 · Closed 2023-10-12 · 60% similar
IdenTrust: Certificate with missing details flagged by OCSP Watch
AI Summary CA Owner
#1853447 RESOLVED Certificate Problem Report Opened 2023-09-15 · Closed 2023-10-12 · 59% similar
IdenTrust: Temporarily Expired CRLs
AI Summary CA Owner
#1806728 RESOLVED Certificate Problem Report Opened 2022-12-20 · Closed 2023-05-05 · 59% similar
IdenTrust: Bad OCSP Responses
AI Summary CA Owner
#1718552 RESOLVED Certificate Problem Report Opened 2021-06-28 · Closed 2023-02-22 · 59% similar
IdenTrust: Certificates with Invalid values for stateOrProvinceName
AI Summary CA Owner
#1635279 RESOLVED Certificate Problem Report Opened 2020-05-04 · Closed 2023-02-22 · 59% similar
IdenTrust: Incorrect Subject Details for HydrantId
AI Summary CA Owner
#1636544 RESOLVED Certificate Problem Report Opened 2020-05-08 · Closed 2023-02-22 · 59% similar
IdenTrust: OCSP Outage
AI Summary CA Owner
#2016585 ASSIGNED Certificate Problem Report Opened 2026-02-12 Still Open · 58% similar
IdenTrust: Test Certificates from cross-signed roots not disclosed in CT Logs
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action