← SwissSign AG cases
Bugzilla #1825232
Certificate Problem Report
SwissSign: Invalid CT data in issued certs (SABRE.CT misconfiguration)
RESOLVED
INVALID
SwissSign AG
AI Summary
SwissSign AG reported an issue regarding invalid Certificate Transparency (CT) data in some of their issued certificates due to a misconfiguration in their SABRE.CT system. The problem was identified after an employee noticed a mention of SwissSign in a blog post about CT issues. Following the discovery, the compliance team opened an incident and confirmed the misissuance of four certificates. Although the certificates contained SCTs from a test log, they complied with existing policies, leading to the resolution of the case as 'Invalid'. The CA has since ceased the issuance of affected certificates and is implementing measures to prevent future occurrences.
Chronology
- Internal compliance incident opened after employee report.
- Incident report published and affected customers contacted.
- Revocation of affected certificates scheduled.
Participants
Roman Fischer
Ben Wilson
External References
Similar Local Cases
SwissSign: Invalid stateOrProvinceName field
SwissSign: duplicate serial number
SwissSign: Certificate Profile error for S/MIME MV
SwissSign: CRL/OCSP revocation time mismatch
SwissSign: Delayed revocation for mispellings in Location for a number of Certificates
SwissSign: OCSP outage
SwissSign: Failure to provide a preliminary report within 24 hours.
SwissSign: Certificate issue with Signature