← DigiCert cases
Bugzilla #1888016 · Certificate Misissuance
Digicert: Failure to include CPS URI in 1 certificate
DigiCert · RESOLVED
AI Summary
DigiCert issued an EV TLS certificate that failed to include a required CPS URI and had a jurisdiction mismatch in its organizationID. This misissuance occurred during a demonstration of a new system designed for EU compliance. The issue was identified and the certificate was revoked promptly. DigiCert has since implemented patches to ensure all certificates are properly vetted through their internal linter.
Chronology
- DigiCert issued an EV TLS certificate.
- DigiCert received notice of the mis-issued certificate.
- DigiCert revoked the certificate.
- All publicly trusted certificates began being sent through the linter.
- Bug closed with ongoing patching noted.
Participants
Jeremy Rowley
Ben Wilson
Ryan Dickson
External References
Similar Local Cases
DigiCert: Incorrect case in Business Category
DigiCert / Inteso San Paulo: Double dot characters
DigiCert / Justica: Invalid DNS names
DigiCert / Telecom Italia: Several Problems
DigiCert: Mis-Issuance Rekey certificates
DigiCert / Siemens: Insufficient Serial Number Entropy
DigiCert: Org-JOI type mismatch
DigiCert: SHA-1 intermediate issued after 2016-01-01