← SwissSign AG cases
Bugzilla #1916489 Certificate Misissuance

SwissSign: LDAP URL still in CRL distribution point (CDP)

RESOLVED FIXED SwissSign AG
AI Summary

SwissSign AG identified a misissuance of 1,071 TLS certificates due to an outdated LDAP URL in the CRL distribution point, which violated TLS BR regulations effective September 15, 2023. The issue arose during a transition to new CA software, where controls were not applied to the legacy system. All affected certificates were revoked by September 8, 2024. SwissSign has since revised its CA system migration procedures to prevent future occurrences.

Model: gpt-4o-mini Generated: 2026-06-13 20:49 UTC Confidence: 0.95
Chronology
  1. TLS BR chapter 7.1.2.11.2 released, requiring 'http' scheme
  2. Last mis-issuance confirmed
  3. Investigation into possible misissuance initiated
  4. Investigation confirms misissuance
  5. Revocation of affected certificates completed
  6. CA migration procedure revised
Participants
Sandy Balzer Ben Wilson
External References
Original Bugzilla Case
Similar Local Cases
#1914023 RESOLVED Certificate Misissuance Opened 2024-08-20 · Closed 2025-04-03 · 68% similar
SwissSign: S/MIME LCP not-permitted key usage
AI Summary CA Owner
#1874196 RESOLVED Certificate Misissuance Opened 2024-01-11 · Closed 2024-03-27 · 65% similar
SwissSign: difference in upper and lower case between CN field and SAN
AI Summary CA Owner
#1691704 RESOLVED Certificate Misissuance Opened 2021-02-09 · Closed 2023-02-22 · 64% similar
SwissSign: Certificate with key length 4098 bit
AI Summary CA Owner
#1613334 RESOLVED Certificate Misissuance Opened 2020-02-05 · Closed 2023-02-22 · 60% similar
SwissSign: Misissuance with mispellings in Location for a number of Certificates
AI Summary CA Owner
#1731586 RESOLVED Certificate Misissuance Opened 2021-09-20 · Closed 2023-02-22 · 60% similar
SwissSign: Certificate with key length 16258
AI Summary CA Owner
#1766255 RESOLVED Certificate Misissuance Opened 2022-04-25 · Closed 2023-02-22 · 60% similar
SwissSign: Mis-Issuance of S/MIME certificates
AI Summary CA Owner
#1914020 RESOLVED Certificate Misissuance Opened 2024-08-20 · Closed 2024-09-13 · 60% similar
SwissSign: S/MIME NCP non ASCII symbols in email and SAN field wrong coding
AI Summary CA Owner
#1894054 RESOLVED Certificate Misissuance Opened 2024-04-29 · Closed 2024-07-03 · 60% similar
SwissSign: MPKI step-up process sets wrong JoI Locality
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action