← Sectigo cases
Bugzilla #1910451
Certificate Problem Report
Sectigo: Missing character in subject:organizationName attribute value
RESOLVED
FIXED
Sectigo
AI Summary
Sectigo reported a Certificate Problem involving three certificates that had a typographical error in the subject:organizationName attribute value. The error involved a missing character, leading to misissuance. Following the report, the affected certificates were revoked on July 31, 2024. A subsequent report identified additional certificates with similar issues, which were also revoked on August 7, 2024. The root cause was attributed to reliance on customer-provided data without sufficient automated validation.
Chronology
- Received Certificate Problem Report for three certificates.
- Revoked the three reported certificates.
- Received another CPR for additional misissued certificates.
- Revoked the seven misissued certificates.
Participants
Martijn Katerbarg
Ben Wilson
External References
Similar Local Cases
Sectigo: HTML encoded characters in subject attribute values
Sectigo: QWAC certificates issued with incorrect subject:organizationIdentifier attribute value
Sectigo: Late revocation for incomplete Subject organizationName
Sectigo: S/MIME certificates with (null) string value in subject attributes
Sectigo: Non-existent hostname in CDP and AIA URLs
Sectigo: Temporary unavailability for subset of CRLs
Sectigo: Failure to revoke ECC certificates with non-DER encoded keyUsage within 5 days
Sectigo: Premature disabling of CRL generation for an inactive CA