← IdenTrust Services, LLC cases
Bugzilla #1910195
Certificate Misissuance
IdenTrust: Invalid special characters in S/MIME Certificates
RESOLVED
FIXED
IdenTrust Services, LLC
AI Summary
IdenTrust identified a configuration issue that led to the improper encoding of special characters in the Subject's common name field of S/MIME certificates, violating RFC-5280. This mis-issuance affected two certificates, one active and one revoked. The issue was promptly addressed by revoking the active certificate and updating the configuration to prevent future occurrences. A thorough investigation confirmed the root cause and corrective actions were implemented, including the successful configuration of the linting process for all accounts.
Chronology
- Customer reported certificate issue.
- Improper encoding discovered.
- Active certificate revoked.
- Customer notified to revoke affected certificate.
- Linting process successfully implemented.
Participants
IdenTrust
Mozilla
External References
Similar Local Cases
IdenTrust: test certificates inadvertently published in production environment
IdenTrust: Issuance of Subordinate CA’s Without EKU
IdenTrust: Mis-Issued EV Certificates
IdenTrust: Approval of TLS certificate renewal without domain validation
IdenTrust: Improper encoding of wildcard certificate
IdenTrust: Root OCSP Signer certificate mis-issuance
IdenTrust: Issuance of OV SSL Certificate with doc vetting older than 398 days
IdenTrust: Issuance of certificates greater than 398 days