← Sectigo cases
Bugzilla #1715929
Certificate Misissuance
Sectigo: Incorrect EV businessCategory
RESOLVED
FIXED
Sectigo
AI Summary
Sectigo identified an issue with two EV certificates that contained incorrect businessCategory information. The problem was reported on June 3, 2021, and was confirmed the following day. Both certificates were revoked on June 8, 2021. The misissuance was attributed to human error, and Sectigo has since implemented measures to prevent similar occurrences in the future, including a project to enhance validation checks for certificate issuance. The incident has been resolved, and the company is committed to improving its processes.
Chronology
- Inbound report received regarding incorrect businessCategory.
- Investigation concluded and misissuance confirmed.
- Both certificates revoked.
Participants
Tim Callan
Ryan Sleevi
External References
Similar Local Cases
Sectigo: State name in localityName
Sectigo: test certificates issued from trusted CA
Sectigo: Incorrect JOI for federal credit unions
Sectigo: Invalid stateOrProvinceName
Sectigo: Inappropriate subject:serialNumber information in EV certificates obtained through ACME
Sectigo: Failure to revoke within 5 days
Sectigo: Forbidden Domain Validation Method
Sectigo: IP Address Domain Validation Failure