← HARICA cases
Bugzilla #1699796 Certificate Problem Report

HARICA: Certificates with invalid policy tree

RESOLVED FIXED HARICA
AI Summary

HARICA identified 33 non-expired TLS certificates issued with invalid policy identifiers not included in the Issuing CA's certificatePolicies extension. These certificates were from a legacy CA that ceased operations in May 2019. Following internal checks and discussions within the CA/B Forum, HARICA confirmed the non-compliance and scheduled revocation of the affected certificates within five days. The certificates were ultimately revoked on March 24, 2021, after a thorough investigation and outreach to affected subscribers.

Model: gpt-4o-mini Generated: 2026-06-13 21:12 UTC Confidence: 0.90
Chronology
  1. Discussion at CA/B Forum raises alarm for further investigation
  2. Internal checks identify 33 non-compliant certificates
  3. Initial incident report filed in Bugzilla
  4. Affected certificates revoked
Participants
Dimitris Zacharopoulos
External References
Original Bugzilla Case crt.sh
Similar Local Cases
#1535509 RESOLVED Certificate Problem Report Opened 2019-03-15 · Closed 2023-02-22 · 60% similar
HARICA: Insufficient serial number entropy
AI Summary CA Owner
#1878106 RESOLVED Certificate Problem Report Opened 2024-02-01 · Closed 2024-03-08 · 59% similar
HARICA: Anomaly in OCSP services after CA software upgrade
AI Summary CA Owner
#1535772 RESOLVED Certificate Problem Report Opened 2019-03-15 · Closed 2023-02-22 · 59% similar
HARICA: wrong characters in NC extension of Technically Constrained Intermediate CA Certificates
AI Summary CA Owner
#1580393 RESOLVED Certificate Problem Report Opened 2019-09-11 · Closed 2022-11-14 · 57% similar
HARICA: OCSP Responder Returned "Unauthorized" for Some Precertificates
AI Summary CA Owner
#1649945 RESOLVED Certificate Problem Report Opened 2020-07-02 · Closed 2023-02-22 · 57% similar
HARICA: Incorrect OCSP Delegated Responder Certificate
AI Summary CA Owner
#1963629 RESOLVED Certificate Problem Report Opened 2025-04-30 · Closed 2025-07-08 · 56% similar
HARICA: One of the two Certificate Problem Report email aliases not working
AI Summary CA Owner
#1942130 RESOLVED Certificate Problem Report Opened 2025-01-16 · Closed 2025-05-01 · 56% similar
HARICA: S/MIME certificate issuance without proper validation
AI Summary CA Owner
#2017845 ASSIGNED Certificate Problem Report Opened 2026-02-19 Still Open · 50% similar
HARICA: Incorrect nCAId in PSD2 QCStatement for QWACs
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action