← NAVER Cloud Trust Services cases
Bugzilla #1785865 Certificate Misissuance

NAVER Cloud Trust Services: DV certificate issued with no subject alternative name extension

RESOLVED FIXED NAVER Cloud Trust Services
AI Summary

NAVER Cloud Trust Services issued 21 DV certificates without the required Subject Alternative Name (SAN) extension for three test domains on August 18, 2022. The certificates were revoked within three hours of issuance upon detection of the error. The issue arose from a bug in their new internal certificate issuance system, which was promptly addressed by halting its use and implementing a Precertificate Linting procedure to prevent future occurrences. An internal audit later revealed a similar misissuance incident, but corrective measures were already in place to avoid recurrence.

Model: gpt-4o-mini Generated: 2026-06-13 20:55 UTC Confidence: 0.95
Chronology
  1. Initial issuance of certificates without SAN extension fields
  2. Detection of the missing SAN extension
  3. Revocation of all affected certificates
  4. Completion of Precertificate Linting procedure testing
  5. Release of automated Precertificate Linting procedure
  6. Discovery of an additional similar misissuance during internal audit
Participants
Han Yong, Park Matthias B. Wilson
External References
Original Bugzilla Case crt.sh crt.sh crt.sh crt.sh crt.sh crt.sh crt.sh crt.sh crt.sh crt.sh crt.sh crt.sh crt.sh crt.sh crt.sh crt.sh crt.sh crt.sh crt.sh crt.sh crt.sh
Similar Local Cases
#1843268 RESOLVED Certificate Misissuance Opened 2023-07-13 · Closed 2024-05-09 · 63% similar
NAVER Cloud Trust Services: OV certificate issued with OU field
AI Summary CA Owner
#1845269 RESOLVED Certificate Misissuance Opened 2023-07-25 · Closed 2023-09-29 · 63% similar
NAVER Cloud Trust Services: commonName not in SAN
AI Summary CA Owner
#1908130 RESOLVED Certificate Misissuance Opened 2024-07-16 · Closed 2024-08-28 · 63% similar
NAVER Cloud Trust Services: Incorrect keyUsage for ECC certificate
AI Summary CA Owner
#1866448 RESOLVED Certificate Misissuance Opened 2023-11-24 · Closed 2024-02-14 · 62% similar
NAVER Cloud Trust Services: DV Certificate issued with improperly validated
AI Summary CA Owner
#1673119 RESOLVED Certificate Misissuance Opened 2020-10-23 · Closed 2023-02-22 · 58% similar
Entrust: Subscriber provides private key with CSR
AI Summary CA Owner
#1908128 RESOLVED Certificate Misissuance Opened 2024-07-16 · Closed 2024-08-28 · 55% similar
NAVER Cloud Trust Services: Certificate issued with incorrect OCSP URI in AIA
AI Summary CA Owner
#1914020 RESOLVED Certificate Misissuance Opened 2024-08-20 · Closed 2024-09-13 · 52% similar
SwissSign: S/MIME NCP non ASCII symbols in email and SAN field wrong coding
AI Summary CA Owner
#1859314 RESOLVED Certificate Misissuance Opened 2023-10-16 · Closed 2024-01-26 · 50% similar
Telia: TLS certificates issued in violation of TLS BR v2.0.1
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action