← DigiCert cases
Bugzilla #1881364
Certificate Problem Report
Digicert: SMIME certificate with unvalidated information
RESOLVED
DigiCert
AI Summary
DigiCert identified a single SMIME certificate issued with unvalidated information on February 20, 2024. The certificate was promptly revoked, and an investigation revealed that it was issued from a disaster recovery system running outdated code. The incident was quickly contained, and no other certificates were found to be affected. DigiCert has since implemented measures to ensure compliance with the S/MIME BRs and prevent similar occurrences in the future.
Chronology
- DigiCert discovers SMIME certificate with unvalidated information.
- Certificate is revoked.
- DigiCert provides root cause analysis and remediation steps.
- Case is resolved and ready for closure.
Participants
Martin Sullivan
Dimitris Zacharopoulos
Jeremy Rowley
Ben Wilson
External References
Similar Local Cases
DigiCert: OCSP responder returning invalid responses
DigiCert: Inconsistent validation information
Digicert: Government Entity listed instead of registration number
DigiCert: Typo in TLS Org Name
DigiCert: 4 CRLs unavailable or not responding
DigiCert: Truncation of Registration Number
DigiCert: Certificates issued inconsistent with S/MIME BR v1.0.1
DigiCert / InfoCert: Insufficient Serial Number Entropy