← Sectigo cases
Bugzilla #1718579 Certificate Problem Report

Sectigo: "Manual DCV" method used

RESOLVED FIXED Sectigo
AI Summary

Sectigo identified issues related to the misuse of the legacy 'Manual DCV' method, which led to the issuance of certificates without proper validation. An investigation revealed that 15 certificates were affected, with some issued to unregistered domains. The company has since disabled the Manual DCV functionality and revoked the problematic certificates. The resolution involved a comprehensive code fix and ongoing monitoring to prevent future occurrences.

Model: gpt-4o-mini Generated: 2026-06-13 20:57 UTC Confidence: 1.00
Chronology
  1. Received a misissued certificate report from another CA.
  2. Deployed a code update to remove Manual DCV functionality.
  3. Revoked eleven additional certificates with Manual DCV.
  4. Proposed to close the bug after thorough community communication.
Participants
Tim Callan Ben Wilson
External References
Original Bugzilla Case bugzilla.mozilla.org bugzilla.mozilla.org bugzilla.mozilla.org
Similar Local Cases
#1715024 RESOLVED Certificate Problem Report Opened 2021-06-07 · Closed 2023-02-22 · 70% similar
Sectigo: Misspellings in stateOrProvince or localityName fields
AI Summary CA Owner
#1902748 RESOLVED Certificate Problem Report Opened 2024-06-14 · Closed 2024-08-28 · 68% similar
Sectigo: QWAC certificates issued with incorrect subject:organizationIdentifier attribute value
AI Summary CA Owner
#1724458 RESOLVED Certificate Problem Report Opened 2021-08-06 · Closed 2023-02-22 · 66% similar
Sectigo: Mojibake in certificate Subject fields
AI Summary CA Owner
#1741777 RESOLVED Certificate Problem Report Opened 2021-11-18 · Closed 2023-02-22 · 64% similar
Sectigo: OCSP responses directly signed using root certificates without KU=digitalSignature
AI Summary CA Owner
#1718785 RESOLVED Certificate Problem Report Opened 2021-06-30 · Closed 2024-06-30 · 64% similar
Sectigo: 2020 failure to respond to CPRs discovered
AI Summary CA Owner
#1694233 RESOLVED Certificate Problem Report Opened 2021-02-22 · Closed 2023-02-22 · 62% similar
Sectigo: Inadequate DCV
AI Summary CA Owner
#1698936 RESOLVED Certificate Problem Report Opened 2021-03-16 · Closed 2023-02-22 · 62% similar
Sectigo: ZeroSSL: failure to revoke within 24 hours
AI Summary CA Owner
#1708934 RESOLVED Certificate Problem Report Opened 2021-05-01 · Closed 2023-02-22 · 61% similar
Sectigo: Invalid postalCode field
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action