← Disig, a.s. cases
Bugzilla #1889672 Certificate Problem Report

Disig: Certificates with incorrect Subject attribute order

RESOLVED FIXED Disig, a.s.
AI Summary

Disig, a.s. issued TLS certificates with an incorrect subject attribute order, violating TLS BR Section 7.1.4.2. The issue was identified during an investigation of a previous bug, leading to the revocation of 8 affected certificates. Disig halted the issuance of TLS certificates until the root cause was determined. The final affected certificate was revoked on April 12, 2024, and measures have been implemented to prevent future occurrences.

Model: gpt-4o-mini Generated: 2026-06-13 21:22 UTC Confidence: 0.90
Chronology
  1. Preliminary report filed after discovering incorrect subject attribute order.
  2. Last affected certificate revoked.
  3. Control of Subject RDN order implemented.
Participants
Jozef Nigut Martijn Katerbarg
External References
Original Bugzilla Case bugzilla.mozilla.org
Similar Local Cases
#1888104 RESOLVED Certificate Problem Report Opened 2024-03-27 · Closed 2024-07-11 · 64% similar
Disig: TLS certificate with basicConstraints not marked as critical
AI Summary CA Owner
#2007132 RESOLVED Certificate Problem Report Opened 2025-12-19 · Closed 2026-02-11 · 61% similar
Disig: Certificates with invalid embedded SCT signature
AI Summary CA Owner
#1907667 RESOLVED Certificate Problem Report Opened 2024-07-12 · Closed 2024-08-17 · 61% similar
Disig: Two certificates with same serial number
AI Summary CA Owner
#2008972 RESOLVED Certificate Problem Report Opened 2026-01-07 · Closed 2026-01-28 · 57% similar
Disig: Delayed Full Incident Report
AI Summary CA Owner
#1902748 RESOLVED Certificate Problem Report Opened 2024-06-14 · Closed 2024-08-28 · 55% similar
Sectigo: QWAC certificates issued with incorrect subject:organizationIdentifier attribute value
AI Summary CA Owner
#1886406 RESOLVED Certificate Problem Report Opened 2024-03-20 · Closed 2024-08-28 · 51% similar
Hongkong Post: TLS certificates with Certificate Policies extension that does not assert http scheme
AI Summary CA Owner
#1853987 RESOLVED Certificate Problem Report Opened 2023-09-19 · Closed 2023-10-12 · 51% similar
Sectigo: S/MIME certificates with (null) string value in subject attributes
AI Summary CA Owner
#2007066 RESOLVED Certificate Problem Report Opened 2025-12-19 · Closed 2026-01-20 · 50% similar
Disig: Missing CA Disig R2I2 Certification Service Full CRL URLs in CCADB
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action