← Netlock cases
Bugzilla #1820174
Certificate Problem Report
NETLOCK: SSL certificates with OU field
RESOLVED
FIXED
Netlock
AI Summary
Netlock identified that multiple SSL certificates issued after September 1, 2022, contained an OU field, which is against compliance requirements. They took immediate steps to modify their internal processes and systems to prevent future occurrences, including updating their SSL request forms and notifying affected customers about the need to revoke their certificates. The revocation process was planned and executed between March 1 and March 16, 2023. Netlock has since implemented regular linting checks and updated their internal policies to ensure compliance.
Chronology
- Received notification about OU field in issued certificates.
- Stopped issuing certificates with OU field.
- Revocation of affected certificates began.
- Final certificate without OU field issued.
- All certificates renewed by the defined deadline.
Participants
Tamás Horváth
Claves Nostrum
Ryan Dickson
Ben Wilson
External References
Similar Local Cases
NETLOCK: Disclosed CRL is expired
NETLOCK: SSL certificates with OU field - revocation delay
NETLOCK: CRL Error on CRL Watch of NETLOCK DVCA CRL
NETLOCK: Pre-certificates revoked with certificateHold reason
NetLock: Intermediate CA Certificate Missing from Audit Reports
Izenpe: Not allowed Qualifier ID OID on Certificate Policies extension of Precertificates
NETLOCK: Invalid CT data in issued certs (SABRE.CT misconfiguration)
CFCA: Delayed reporting of revocation of an intermediate CA certificate