Bugzilla #1866806
Certificate Misissuance
GlobalSign: S/MIME Sponsor validated certificates with CommonName value equal to OrganizationName
RESOLVED
FIXED
GlobalSign nv-sa
AI Summary
GlobalSign identified misissued sponsor-validated S/MIME certificates during a quarterly audit on November 27, 2023. Three certificates were found to have a Subject:CommonName value that matched the Subject:OrganizationName, violating S/MIME BR requirements. A total of 11 certificates were ultimately affected. GlobalSign promptly initiated revocation, and all affected certificates were revoked by December 1, 2023. Preventative measures, including the deployment of a new linting tool, are being implemented to avoid future occurrences.
Chronology
- Quarterly internal audit identifies misissued certificates.
- All affected certificates revoked.
- Production deployment of new linting tool completed.
Participants
Christophe Bonjean
Eva Vansteenberge
Ben Wilson
Similar Local Cases
GlobalSign: EV certificate with wildcard domain in common name and SAN
GlobalSign: Issuance of test certificate (pre-certificate) for EV SSL/QWAC with no EKU extension
GlobalSign: TLS OV Certificate containing unverified information
GlobalSign: Use of Domain Validation Random Value for more than 30 days
GlobalSign: Incorrect RegNumber-Org Type combination
GlobalSign: RSA-1024 leaf certificate issued after 2013-12-31
SwissSign: Misissuance with mispellings in Location for a number of Certificates
SwissSign: Mis-Issuance of S/MIME certificates