← Microsec Ltd. cases
Bugzilla #1728384
Certificate Misissuance
Microsec: Misissuance of one OV certificate with Key Usage KeyEncipherment
RESOLVED
FIXED
Microsec Ltd.
AI Summary
Microsec Ltd. reported a misissuance of an OV certificate with an incorrect Key Usage setting. The issue was identified on August 31, 2021, when a notification email was received. The certificate was revoked the same day after an investigation confirmed a configuration problem in the certificate profile management. Since the incident, Microsec has implemented several measures to prevent similar occurrences, including training for Registration Officers and regular audits of issued certificates. The case has been resolved with no further actions planned.
Chronology
- Received notification of misissued certificate
- Certificate revoked
- Training for Registration Officers conducted
- Quarterly self-audit completed
Participants
dr. Sándor SZŐKE
External References
Similar Local Cases
Microsec: Certificate validity period greater than 398 days
Microsec: Misissuance an EV TLS certificate without CPSuri
Microsec: Validity period greater than 825 days
Microsec: Non-BR-Compliant Certificate Issuance
Microsec: Failure to revoke noncompliant ICA within 7 days
Sectigo: Incorrect EV businessCategory
SSL.com: Wildcard DV certificate issued with a non-validated domain name
NAVER Cloud Trust Services: Certificate issued with incorrect OCSP URI in AIA