← Deutsche Telekom Security GmbH cases
Bugzilla #1703528 Certificate Problem Report

Telekom Security: Key Encipherment in two ECC SAN TLS certificates

RESOLVED FIXED Deutsche Telekom Security GmbH
AI Summary

Deutsche Telekom Security GmbH identified an issue where two ECC SAN TLS certificates were incorrectly issued with the Key Usage set to 'Key Encipherment'. The certificates were revoked within 24 hours of issuance. The problem arose during a change to extend CT logs, which led to an incorrect template being referenced. An internal investigation revealed that the error was due to a misconfiguration in the production environment, which was not present in the test environment. The CA has since implemented measures to prevent such occurrences in the future.

Model: gpt-4o-mini Generated: 2026-06-13 21:21 UTC Confidence: 0.90
Chronology
  1. Two ECC SAN TLS certificates issued
  2. Certificates revoked
Participants
Arnold Essing Ryan Sleevi
External References
Original Bugzilla Case
Similar Local Cases
#1655698 RESOLVED Certificate Problem Report Opened 2020-07-28 · Closed 2023-02-22 · 70% similar
Telekom Security: CRL also contained unrevoked certificates
AI Summary CA Owner
#1705791 RESOLVED Certificate Problem Report Opened 2021-04-16 · Closed 2023-02-22 · 69% similar
Telekom Security: Multiple commonName in certificates
AI Summary CA Owner
#1675314 RESOLVED Certificate Problem Report Opened 2020-11-04 · Closed 2023-02-22 · 65% similar
Telekom Security: Wrong jurisdiction entries in certificates
AI Summary CA Owner
#1914383 RESOLVED Certificate Problem Report Opened 2024-08-22 · Closed 2024-12-11 · 60% similar
Telekom Security: CRL-Entries with wrong CRL Reason Codes
AI Summary CA Owner
#1875820 RESOLVED Certificate Problem Report Opened 2024-01-22 · Closed 2024-08-03 · 59% similar
Telekom Security: TLS certificates with basicConstraints not marked as critical
AI Summary CA Owner
#1825780 RESOLVED Certificate Problem Report Opened 2023-03-31 · Closed 2023-07-05 · 58% similar
Telekom Security: Improper use of a domain validation method
AI Summary CA Owner
#1558552 RESOLVED Certificate Problem Report Opened 2019-06-11 · Closed 2023-02-22 · 52% similar
SwissSign: CP/CPS certificate profile issue
AI Summary CA Owner
#1705419 RESOLVED Certificate Problem Report Opened 2021-04-15 · Closed 2023-02-22 · 52% similar
Microsoft PKI Services: Underscore in SAN
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action