← Sectigo cases
Bugzilla #1723263 Certificate Misissuance

Sectigo: IP Address Domain Validation Failure

RESOLVED INVALID Sectigo
AI Summary

This case involves a report of mis-issued certificates by Sectigo due to BGP hijacking. The reporter demonstrated that by hijacking an IP prefix, they were able to obtain certificates for those IPs without legitimate ownership. While the discussion highlighted the potential for mis-issuance, it was concluded that this issue is not unique to Sectigo, as BGP hijacking poses a broader risk to both IP address and DNS validation methods. The case was ultimately marked as resolved with an invalid status, indicating that the concerns raised were acknowledged but not deemed a compliance incident.

Model: gpt-4o-mini Generated: 2026-06-13 20:57 UTC Confidence: 0.80
Chronology
  1. Initial report of mis-issued certificates due to BGP hijacking.
  2. Further investigation revealed additional successful certificate issuances.
  3. Discussion concluded with the case being marked as resolved/invalid.
Participants
Charles Wang Tim Callan Ryan Sleevi Andrew Ayer
External References
Original Bugzilla Case crt.sh crt.sh crt.sh crt.sh crt.sh crt.sh crt.sh crt.sh crt.sh www.mozilla.org
Similar Local Cases
#1665763 RESOLVED Certificate Misissuance Opened 2020-09-17 · Closed 2023-02-22 · 66% similar
Sectigo: Failure to revoke within 5 days
AI Summary CA Owner
#1714628 RESOLVED Certificate Misissuance Opened 2021-06-04 · Closed 2023-02-22 · 65% similar
Sectigo: Forbidden Domain Validation Method
AI Summary CA Owner
#1712188 RESOLVED Certificate Misissuance Opened 2021-05-20 · Closed 2023-02-22 · 65% similar
Sectigo: test certificates issued from trusted CA
AI Summary CA Owner
#1715929 RESOLVED Certificate Misissuance Opened 2021-06-11 · Closed 2023-02-22 · 65% similar
Sectigo: Incorrect EV businessCategory
AI Summary CA Owner
#1710243 RESOLVED Certificate Misissuance Opened 2021-05-08 · Closed 2023-02-22 · 64% similar
Sectigo: Invalid stateOrProvinceName
AI Summary CA Owner
#1741026 RESOLVED Certificate Misissuance Opened 2021-11-13 · Closed 2023-02-22 · 64% similar
Sectigo: Incorrect JOI for federal credit unions
AI Summary CA Owner
#1712120 RESOLVED Certificate Misissuance Opened 2021-05-20 · Closed 2023-02-22 · 63% similar
Sectigo: Inappropriate subject:serialNumber information in EV certificates obtained through ACME
AI Summary CA Owner
#1720744 RESOLVED Certificate Misissuance Opened 2021-07-15 · Closed 2023-02-22 · 63% similar
Sectigo: State name in localityName
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action