← DigiCert cases
Bugzilla #1483639 · Certificate Problem Report
DigiCert / ADACOM: published expired CRLs
DigiCert · RESOLVED
AI Summary
DigiCert reported that ADACOM had published expired Certificate Revocation Lists (CRLs) which did not include certain revoked intermediate certificates. After being notified, ADACOM replaced the CRLs but later reverted to outdated versions. An incident report was requested, and ADACOM has since implemented measures to prevent recurrence, including monitoring synchronization between servers and ensuring correct CRL postings.
Chronology
- DigiCert notified ADACOM about missing revocations in CRLs.
- ADACOM replaced CRLs with correct versions.
- ADACOM confirmed implementation of monitoring and review processes.
Participants
Wayne Thayer
Ben Wilson
External References
Similar Local Cases
DigiCert: Good OCSP Responses for Revoked Intermediates
DigiCert: Symantec non-constrained/non-disclosed intermediate CA certificates
DigiCert: Non-BR-Compliant OCSP Responders
DigiCert: 4 CRLs unavailable or not responding
DigiCert: Some CRLs were not updated for a few days
DigiCert / InfoCert: Insufficient Serial Number Entropy
DigiCert: Missed Underscore Certificate Revocations
DigiCert: Typo in TLS Org Name