← Sectigo cases
Bugzilla #1813989
Certificate Problem Report
Sectigo: Incomplete Subject organizationName
RESOLVED
FIXED
Sectigo
AI Summary
Sectigo reported an incident involving 278 certificates with incomplete or incorrectly abbreviated organizationName values. The issue was first identified on January 23, 2023, leading to multiple revocations, including 235 certificates on February 19, 2023. The investigation revealed that the misissuance was due to the validation team's handling of organization names exceeding the character limit set by RFC 5280. Remediation efforts were completed with a deployment on April 22, 2023, and the issue has since been resolved.
Chronology
- First report of incomplete organizationName values.
- Initial 6 certificates revoked.
- Revocation of 235 additional certificates completed.
- Remediation changes deployed.
Participants
Martijn Katerbarg
External References
Similar Local Cases
Sectigo: HTML encoded characters in subject attribute values
Sectigo: Missing character in subject:organizationName attribute value
Sectigo: Certificate issuance delayed for more than 398 days after DCV was completed
Sectigo: S/MIME certificates with (null) string value in subject attributes
Sectigo: Incorrectly included registrationStateOrProvince in PSD-based cabfOrganizationIdentifier extension
Sectigo: QWAC certificates issued with incorrect subject:organizationIdentifier attribute value
Sectigo: Package patching gap within Certificate Systems
Sectigo: Late revocation for incomplete Subject organizationName