← Sectigo cases
Bugzilla #1908690
Certificate Problem Report
Sectigo: Temporary unavailability for subset of CRLs
RESOLVED
FIXED
Sectigo
AI Summary
On July 16, 2024, Sectigo experienced a temporary unavailability of 13 Certificate Revocation Lists (CRLs) due to a change in their infrastructure aimed at decommissioning a deprecated CRL distribution system. This change inadvertently caused the affected CRLs to return a 504 Gateway Time-out error for approximately one hour. The issue was identified and resolved quickly, with the affected CRLs restored shortly after the problem was detected. Lessons learned included the need for better confirmation processes before decommissioning legacy systems.
Chronology
- Change made to infrastructure, resulting in 504 errors for 13 CRLs.
- Issue detected and escalated internally.
- Change reversed, restoring CRL availability.
- All action items completed.
- Request made to close the bug.
Participants
Martijn Katerbarg
Ben Wilson
External References
Original Bugzilla Case
crl.securecore-ca.com
crl.securecore-ca.com
crl.securecore-ca.com
crl.securecore-ca.com
crl.securecore-ca.com
crl.incommon-rsa.org
crl.incommon-rsa.org
crl.incommon-rsa.org
crl.trustasiassl.com
crl.trustasiassl.com
crl.trustasiassl.com
crl.trustasiassl.com
crl.trustasiassl.com
Similar Local Cases
Sectigo: HTML encoded characters in subject attribute values
Sectigo: Non-existent hostname in CDP and AIA URLs
Sectigo: Failure to revoke ECC certificates with non-DER encoded keyUsage within 5 days
Sectigo: S/MIME certificates with (null) string value in subject attributes
Sectigo: Missing character in subject:organizationName attribute value
Sectigo: QWAC certificates issued with incorrect subject:organizationIdentifier attribute value
Sectigo: Late revocation for incomplete Subject organizationName
Sectigo: Premature disabling of CRL generation for an inactive CA