← China Financial Certification Authority (CFCA) cases
Bugzilla #1886135 Certificate Problem Report

CFCA: certificate basicConstraints extension not marked as critical

RESOLVED FIXED China Financial Certification Authority (CFCA)
AI Summary

The China Financial Certification Authority (CFCA) identified an issue where the basicConstraints extension in several SSL certificates was not marked as critical. Upon receiving a report from a user, CFCA promptly halted certificate issuance and rectified the issue. A total of 2,098 certificates were affected, and CFCA has since implemented measures to prevent future occurrences, including upgrading their linting tools and revising incident handling procedures. The incident has been resolved, and CFCA is now focused on compliance and monitoring improvements.

Model: gpt-4o-mini Generated: 2026-06-13 21:32 UTC Confidence: 0.95
Chronology
  1. CFCA confirmed the issue and stopped issuing certificates.
  2. CFCA resumed certificate issuance after fixing the issue.
  3. CFCA completed revocation of 840 affected certificates.
  4. CFCA completed all improvement measures.
Participants
Gao Fei Ryan Dickson
External References
Original Bugzilla Case
Similar Local Cases
#1793053 RESOLVED Certificate Problem Report Opened 2022-09-30 · Closed 2023-06-30 · 74% similar
CFCA: ICA without EKU
AI Summary CA Owner
#1798812 RESOLVED Certificate Problem Report Opened 2022-11-02 · Closed 2023-05-04 · 70% similar
CFCA: Delayed reporting of revocation of an intermediate CA certificate
AI Summary CA Owner
#1809382 RESOLVED Certificate Problem Report Opened 2023-01-10 · Closed 2023-09-29 · 68% similar
CFCA: Certificate with wrong crlDistributionPoints
AI Summary CA Owner
#1802845 RESOLVED Certificate Problem Report Opened 2022-11-28 · Closed 2023-09-29 · 64% similar
CFCA: EV certificate with wrong PostalCode&Street
AI Summary CA Owner
#1888881 RESOLVED Certificate Problem Report Opened 2024-04-01 · Closed 2025-04-03 · 61% similar
CFCA: Failure to respond to a CPR in a complete and/or timely manner
AI Summary CA Owner
#1863122 RESOLVED Certificate Problem Report Opened 2023-11-04 · Closed 2024-01-10 · 59% similar
CFCA: CRL Error
AI Summary CA Owner
#1771482 RESOLVED Certificate Problem Report Opened 2022-05-27 · Closed 2023-02-22 · 55% similar
CFCA: Precertificate with postalCode and streetAddress swapped
AI Summary CA Owner
#1778035 RESOLVED Certificate Problem Report Opened 2022-07-05 · Closed 2023-04-19 · 55% similar
CFCA: The wrong status of OCSP
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action