← Certigna cases
Bugzilla #1883416 Certificate Misissuance

Certigna: TLS certificates with Basic constraint non-critical

RESOLVED FIXED Certigna
AI Summary

Certigna has been issuing TLS certificates since September 15, 2023, without the Basic Constraint extension marked as critical, which is a requirement under the Baseline Requirements. This issue was not identified by the monitoring team or automated tools, leading to the issuance of 3,661 non-compliant certificates, primarily used by French state ministries. Upon discovery, Certigna halted the issuance of TLS certificates and subsequently revoked all affected certificates. The incident has been resolved with corrective actions implemented.

Model: gpt-4o-mini Generated: 2026-06-13 21:27 UTC Confidence: 0.90
Chronology
  1. Issuance of non-compliant certificates
  2. Incident reported and certificate issuance stopped
  3. Notification sent to subscribers regarding revocation
  4. Revocation of all affected certificates
  5. All actions implemented and ticket ready for closure
Participants
Josselin Allemandou Ryan Dickson Arnaud F. Amir A. Rob R. Delval Ben Wilson
External References
Original Bugzilla Case www.ccadb.org github.com
Similar Local Cases
#1667744 RESOLVED Certificate Misissuance Opened 2020-09-28 · Closed 2023-02-22 · 67% similar
Dhimyotis / Certigna: Certificates issued with validity periods greater than 398-days
AI Summary CA Owner
#1709896 RESOLVED Certificate Misissuance Opened 2021-05-06 · Closed 2024-05-09 · 66% similar
Certigna: certificates issued with 2 SCT
AI Summary CA Owner
#1830536 RESOLVED Certificate Misissuance Opened 2023-04-28 · Closed 2024-05-11 · 57% similar
e-commerce monitoring gmbh: certificate issued with two pre-certificates
AI Summary CA Owner
#1485413 RESOLVED Certificate Misissuance Opened 2018-08-22 · Closed 2023-02-22 · 57% similar
Certigna: Issuance without respecting CAA records
AI Summary CA Owner
#1883843 RESOLVED Certificate Misissuance Opened 2024-03-06 · Closed 2024-08-13 · 56% similar
Entrust: EV TLS Certificate cPSuri missing
AI Summary CA Owner
#1888016 RESOLVED Certificate Misissuance Opened 2024-03-27 · Closed 2024-06-05 · 55% similar
Digicert: Failure to include CPS URI in 1 certificate
AI Summary CA Owner
#1674082 RESOLVED Certificate Misissuance Opened 2020-10-29 · Closed 2023-02-22 · 52% similar
Dhimyotis / Certigna: Certificates issued with validity periods greater than 398-days
AI Summary CA Owner
#1884532 RESOLVED Certificate Misissuance Opened 2024-03-09 · Closed 2024-07-11 · 51% similar
ACCV: Certificates issued with cRLIssuer in CDP extension
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action