← Entrust cases
Bugzilla #1888714
Certificate Problem Report
Entrust: EV Certificate missing Issuer’s EV Policy OID
RESOLVED
FIXED
Entrust
AI Summary
Entrust identified an issue with EV TLS certificates that were issued without the required issuer's EV policy identifier (OID) between September 11 and September 22, 2023. This misissuance affected 1969 certificates, leading to non-compliance with EV Guidelines. Entrust has since updated their certificate profiles to include the necessary OID and is in the process of replacing and revoking the affected certificates. A full incident report is expected to be provided by April 11, 2024.
Chronology
- Certificates issued without the required EV policy OID.
- Entrust confirmed inclusion of the EV policy OID in all EV certificate profiles.
- Entrust to provide a full incident report.
Participants
Bruce Morton
Adriano Santoni
Ryan Dickson
Martijn Katerbarg
Rob
Ben Wilson
External References
Similar Local Cases
Entrust: SSL Certificates issued with Un-verified IP Addresses
Entrust: Failure to revoke EV TLS certificates issued before CPS update
Entrust: clientAuth TLS Certificates without serverAuth EKU
Entrust: CRL non-conformance with the TLS BRs
Entrust: Failure to revoke a certificate
Entrust: S/MIME Certificate Issued with Incorrect Policy OID
Entrust: Printable String Constraint Failure
SSL.com: Entrust API and CAA checking