Bugzilla #2015186 · Certificate Problem Report
DigiCert: Subject Serial Numbers for Non-Commercial Entities
DigiCert · RESOLVED
AI Summary
A Certificate Problem Report was filed against DigiCert regarding discrepancies in the `Subject:serialNumber` field of EV certificates issued to Non-Commercial Entities. The investigation revealed that DigiCert's validation workflow allowed agents to revert to a generic identifier instead of using a specific identifier that had previously been validated. In total, 384 certificates were affected: 374 were revoked and the other 10 expired. DigiCert has since changed its workflow to prevent similar issues in the future.
Chronology
- Third Party report received
- Preliminary Report filed
- Escalation tile implemented in workflow
- All affected certificates revoked
- Incident report closure summary posted
Participants
DigiCert
Third Party
Similar Local Cases
DigiCert: Some certificates issued with CRLDPs that don’t exactly match CCADB disclosures
DigiCert: DCV logging issue
DigiCert: Several non-functioning AIA URLs
DigiCert: Re-use of WHOIS validation shortly after deadline
DigiCert: inconsistent revocation / OCSP / CRL behavior
DigiCert: Domain used for CRLs and OCSP has expired
DigiCert: 4 CRLs unavailable or not responding
DigiCert: Undisclosed CAs -Federated Trust CA-1