← China Financial Certification Authority (CFCA) cases
Bugzilla #1838371 Certificate Misissuance

CFCA: certificate with an incorrect OrganizationName

RESOLVED FIXED China Financial Certification Authority (CFCA)
AI Summary

The China Financial Certification Authority (CFCA) issued an OV SSL certificate for the domain www.hncdi.gov.cn, which incorrectly listed the organization as Hainan New Realm Software Co., Ltd. instead of the actual registrant, the Hainan Provincial Commission for Discipline Inspection of the Communist Party of China. Following reports of this misissuance, CFCA acknowledged the error and initiated the revocation of 22 affected certificates. They have also revised their verification processes to ensure future compliance with standards.

Model: gpt-4o-mini Generated: 2026-06-13 21:30 UTC Confidence: 0.90
Chronology
  1. CFCA issued certificate for www.hncdi.gov.cn
  2. Misissuance reported by user
  3. CFCA confirmed revocation of certificates
  4. Certificates revoked
Participants
2018@duck.com gaofei@cfca.com.cn bwilson@mozilla.com rob@sectigo.com amir@aaomidi.com
External References
Original Bugzilla Case crt.sh www.ccadb.org
Similar Local Cases
#1895006 RESOLVED Certificate Misissuance Opened 2024-05-03 · Closed 2024-08-23 · 63% similar
IdenTrust: unintended creation of a Root CA certificate
AI Summary CA Owner
#1871113 RESOLVED Certificate Misissuance Opened 2023-12-20 · Closed 2024-05-15 · 55% similar
SSL.com: Issuance of one Sponsored-Validated S/MIME certificate with organization information in givenName and surName of the subjectDN
AI Summary CA Owner
#1927384 RESOLVED Certificate Misissuance Opened 2024-10-28 · Closed 2025-01-29 · 55% similar
iTrusChina: Issuance of certificates using keys previously reported as compromised
AI Summary CA Owner
#1836694 RESOLVED Certificate Misissuance Opened 2023-06-05 · Closed 2023-09-29 · 55% similar
Hongkong Post: Invalid EV cert businessCategory
AI Summary CA Owner
#1866448 RESOLVED Certificate Misissuance Opened 2023-11-24 · Closed 2024-02-14 · 54% similar
NAVER Cloud Trust Services: DV Certificate issued with improperly validated
AI Summary CA Owner
#2006333 RESOLVED Certificate Misissuance Opened 2025-12-16 · Closed 2026-03-10 · 53% similar
CFCA: EV Certificates misissued with incorrect businessCategory
AI Summary CA Owner
#1949131 RESOLVED Certificate Misissuance Opened 2025-02-19 · Closed 2025-05-08 · 51% similar
CFCA: BasicConstraints are not marked as critical certificates are missing and therefore not revoked
AI Summary CA Owner
#1943596 RESOLVED Certificate Misissuance Opened 2025-01-24 · Closed 2025-05-01 · 50% similar
HARICA: S/MIME certificate issuance with incorrect commonName
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action