← IdenTrust Services, LLC cases
Bugzilla #1758213
Certificate Problem Report
IdenTrust: Failure to provide OCSP responses for valid ICA certificates
RESOLVED
FIXED
IdenTrust Services, LLC
AI Summary
IdenTrust Services, LLC identified a failure in their OCSP responder, which did not provide valid status information for three ICA certificates. This issue was discovered during an internal audit and was attributed to a missed configuration step. The CA took immediate corrective action by loading the missing certificates into the OCSP database, ensuring compliance with CA/B Forum Baseline Requirements. The problem has since been resolved, and measures have been implemented to prevent future occurrences.
Chronology
- Discovered lack of valid OCSP response for identified ICAs.
- Confirmed issue and loaded missing ICA certificates into OCSP database.
- Finalized path forward for permanent resolution.
- OCSP responders began monitoring.
- Case closed by Mozilla.
Participants
IdenTrust
Mozilla
External References
Similar Local Cases
IdenTrust: Bad OCSP Responses
IdenTrust: Pre-certificates without a final certificate showing OCSP error
IdenTrust: Missing Revocation Reasons in CRL
IdenTrust: Unavailable CRL for IdenTrust ‘DST Root CA X3’.
IdenTrust: TLS self audit testing below 3%
IdenTrust: Expired CRLs
IdenTrust: Certificate with missing details flagged by OCSP Watch
IdenTrust: CRL Potential Publication Delay due to Cache