← Microsoft Corporation cases
Bugzilla #1705419 Certificate Problem Report

Microsoft PKI Services: Underscore in SAN

RESOLVED FIXED Microsoft Corporation
AI Summary

Microsoft PKI Services encountered an issue where two certificates were issued containing underscores in the Subject Alternative Name (SAN), which is not compliant with CAB Forum guidelines. The problem was reported by DigiCert, leading to an immediate internal investigation. Microsoft halted all certificate issuance and revoked the affected certificates. They are also implementing a new linting tool, ZLint, to prevent future occurrences. The root cause was identified as a flaw in their internal linting tool that failed to check for underscores correctly.

Model: gpt-4o-mini Generated: 2026-06-13 21:14 UTC Confidence: 0.95
Chronology
  1. Bugzilla incident opened
  2. Issue reported by DigiCert
  3. Internal investigation started
  4. Service shut down procedure began
  5. Affected certificates revoked
  6. Post issuance linting with ZLint implemented
Participants
Michel Le Bihan John Mason Mohan R Ryan Sleevi
External References
Original Bugzilla Case
Similar Local Cases
#1718991 RESOLVED Certificate Problem Report Opened 2021-07-02 · Closed 2024-05-09 · 70% similar
Microsoft PKI Services: Malformed ICAs (Key Usage Malformed)
AI Summary CA Owner
#1740585 RESOLVED Certificate Problem Report Opened 2021-11-10 · Closed 2024-05-09 · 67% similar
Microsoft PKI Services: Unrevoked 4 intermediate certificates
AI Summary CA Owner
#1711147 RESOLVED Certificate Problem Report Opened 2021-05-13 · Closed 2023-02-22 · 65% similar
Microsoft PKI Services: Malformed ICAs (missing certificate policy extensions)
AI Summary CA Owner
#1598390 RESOLVED Certificate Problem Report Opened 2019-11-21 · Closed 2024-05-09 · 63% similar
Microsoft PKI Services: Null Character Bug and Microsoft Root CAs
AI Summary CA Owner
#1879552 RESOLVED Certificate Problem Report Opened 2024-02-09 · Closed 2024-03-29 · 61% similar
Microsoft PKI Services: OCSP Responder does not know a Certificate
AI Summary CA Owner
#1793443 RESOLVED Certificate Problem Report Opened 2022-10-03 · Closed 2024-05-09 · 61% similar
Microsoft PKI Services: "unknown" OCSP response for issued certificates
AI Summary CA Owner
#1705791 RESOLVED Certificate Problem Report Opened 2021-04-16 · Closed 2023-02-22 · 60% similar
Telekom Security: Multiple commonName in certificates
AI Summary CA Owner
#1716123 RESOLVED Certificate Problem Report Opened 2021-06-12 · Closed 2024-05-25 · 60% similar
e-commerce monitoring GmbH: CN domain not in SAN
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action