← China Financial Certification Authority (CFCA) cases
Bugzilla #1809382 Certificate Problem Report

CFCA: Certificate with wrong crlDistributionPoints

RESOLVED FIXED China Financial Certification Authority (CFCA)
AI Summary

The China Financial Certification Authority (CFCA) identified an issue where three certificates were issued with incorrect crlDistributionPoints marked as critical. This error was discovered during a verification process on January 6, 2023, leading to the immediate revocation of the affected certificates. CFCA has since implemented corrective measures, including a re-optimization of their Zlint verification process, to prevent future occurrences. The issue has been resolved, and CFCA has committed to ongoing improvements in their certificate issuance processes.

Model: gpt-4o-mini Generated: 2026-06-13 21:29 UTC Confidence: 1.00
Chronology
  1. CFCA discovered the issue with crlDistributionPoints during verification.
  2. CFCA revoked the three affected certificates.
  3. CFCA completed the application of ZLint service.
  4. CFCA completed the upgrade of signing certificates with a throwaway key.
  5. Case marked for closure.
Participants
Gao Fei Chris Clements Aaron Gable Rob Stradling Brett Wilson
External References
Original Bugzilla Case
Similar Local Cases
#1863122 RESOLVED Certificate Problem Report Opened 2023-11-04 · Closed 2024-01-10 · 71% similar
CFCA: CRL Error
AI Summary CA Owner
#1802845 RESOLVED Certificate Problem Report Opened 2022-11-28 · Closed 2023-09-29 · 70% similar
CFCA: EV certificate with wrong PostalCode&Street
AI Summary CA Owner
#1798812 RESOLVED Certificate Problem Report Opened 2022-11-02 · Closed 2023-05-04 · 69% similar
CFCA: Delayed reporting of revocation of an intermediate CA certificate
AI Summary CA Owner
#1886135 RESOLVED Certificate Problem Report Opened 2024-03-19 · Closed 2024-09-26 · 68% similar
CFCA: certificate basicConstraints extension not marked as critical
AI Summary CA Owner
#1793053 RESOLVED Certificate Problem Report Opened 2022-09-30 · Closed 2023-06-30 · 66% similar
CFCA: ICA without EKU
AI Summary CA Owner
#1838667 RESOLVED Certificate Problem Report Opened 2023-06-15 · Closed 2023-07-05 · 64% similar
Let's Encrypt: Duplicate Serial Numbers
AI Summary CA Owner
#1753123 RESOLVED Certificate Problem Report Opened 2022-02-01 · Closed 2023-01-04 · 61% similar
Let's Encrypt: Failure to provide OCSP Responses for some certificates
AI Summary CA Owner
#1888881 RESOLVED Certificate Problem Report Opened 2024-04-01 · Closed 2025-04-03 · 59% similar
CFCA: Failure to respond to a CPR in a complete and/or timely manner
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action