← GoDaddy cases
Bugzilla #1793848
Self Incident Disclosure
GoDaddy: Failure to revoke 210 subscriber certificates within 24 hours
RESOLVED
FIXED
GoDaddy
This summary was auto-generated by AI and revised by me when needed — accuracy improves with each update.
Always refer to the official Bugzilla thread as the authoritative source.
If you spot an inaccuracy, let me know via the contact form.
AI Summary
GoDaddy experienced a failure to revoke 210 subscriber certificates within the required 24-hour timeframe, violating the Baseline Requirements for Publicly Trusted SSL certificates. The issue was identified on September 23, 2022, when the PKI Engineering team confirmed that the revocation requests had not been processed as expected. All affected certificates were revoked the same day, and monitoring systems were updated to prevent future occurrences. The root cause was linked to a bug in the integration of a new event queue system introduced in April 2020, which caused revocation requests to go unprocessed under certain conditions.
Chronology
- RA team noticed delayed revocation request and escalated to PKI Engineering
- PKI Engineering confirmed issue and identified root cause
- PKI Engineering revoked all 210 certificates
- PKI team deployed a failsafe to process delayed revocation requests automatically
Participants
Jessica Coover
Brittany Randall
Chris Clements
External References
Similar Local Cases
GoDaddy: CRLs are version 1 and lack CRL Number extension
GoDaddy: Failure to Revoke Subscriber Certificates within 24 hours
GoDaddy: OV Documentation Reuse
GoDaddy: Root CRLs exceed maximum validity period by 1 second
GoDaddy: Revocation process is unusable due to contact address not accepting attachments
GoDaddy: Delayed CRL File Updates
GoDaddy: CA Certificates with HTTPS URL in AIA Field
GoDaddy: Agreed-Upon Website Domain Validation Method Issue