← NAVER Cloud Trust Services cases
Bugzilla #1843268 Certificate Misissuance

NAVER Cloud Trust Services: OV certificate issued with OU field

RESOLVED FIXED NAVER Cloud Trust Services
AI Summary

NAVER Cloud Trust Services issued an OV SSL certificate containing an Organization Unit (OU) field on June 28, 2023. Upon discovering this misissuance during a security check on July 13, 2023, the affected certificate was revoked the same day. Investigations revealed that the validation logic in their internal system failed to check for the OU field in externally generated Certificate Signing Requests (CSRs). Remedial measures, including updates to the validation logic and additional pre-linting checks, have been implemented to prevent future occurrences.

Model: gpt-4o-mini Generated: 2026-06-13 20:55 UTC Confidence: 0.95
Chronology
  1. Issuance of certificate with OU field
  2. Detection of the OU field in the certificate
  3. Revocation of the affected certificate
  4. Decision to stop issuing certificates with externally generated CSRs
  5. Completion of pre-linting measures
Participants
Han Yong, Park Matt Miller Ben Wilson
External References
Original Bugzilla Case crt.sh
Similar Local Cases
#1845269 RESOLVED Certificate Misissuance Opened 2023-07-25 · Closed 2023-09-29 · 75% similar
NAVER Cloud Trust Services: commonName not in SAN
AI Summary CA Owner
#1785865 RESOLVED Certificate Misissuance Opened 2022-08-18 · Closed 2024-05-09 · 63% similar
NAVER Cloud Trust Services: DV certificate issued with no subject alternative name extension
AI Summary CA Owner
#1866448 RESOLVED Certificate Misissuance Opened 2023-11-24 · Closed 2024-02-14 · 61% similar
NAVER Cloud Trust Services: DV Certificate issued with improperly validated
AI Summary CA Owner
#1908128 RESOLVED Certificate Misissuance Opened 2024-07-16 · Closed 2024-08-28 · 56% similar
NAVER Cloud Trust Services: Certificate issued with incorrect OCSP URI in AIA
AI Summary CA Owner
#1908130 RESOLVED Certificate Misissuance Opened 2024-07-16 · Closed 2024-08-28 · 53% similar
NAVER Cloud Trust Services: Incorrect keyUsage for ECC certificate
AI Summary CA Owner
#1888016 RESOLVED Certificate Misissuance Opened 2024-03-27 · Closed 2024-06-05 · 50% similar
Digicert: Failure to include CPS URI in 1 certificate
AI Summary CA Owner
#1731586 RESOLVED Certificate Misissuance Opened 2021-09-20 · Closed 2023-02-22 · 49% similar
SwissSign: Certificate with key length 16258
AI Summary CA Owner
#1766255 RESOLVED Certificate Misissuance Opened 2022-04-25 · Closed 2023-02-22 · 49% similar
SwissSign: Mis-Issuance of S/MIME certificates
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action