← Izenpe S.A. cases
Bugzilla #1921254
Certificate Problem Report
Izenpe: Duplicate attribute in Subject
RESOLVED
FIXED
Izenpe S.A.
AI Summary
Izenpe issued a certificate containing a duplicate attribute in the subject, violating the Baseline Requirements. The issue was identified after the certificate was issued and subsequently revoked. The root cause was a bug introduced during a change in the certificate management application, which affected EV certificates while intended for DV/OV certificates. The issuing team detected the anomaly through manual checks and reported it for resolution. Izenpe has since updated their linting tools and improved their internal processes to prevent similar issues in the future.
Chronology
- BR 2.0.0 is published
- Izenpe installs Zlint 3.6.2-rc1
- Zlint 3.6.3 is released
- New version of client application is deployed
- Certificate with duplicate attribute is issued
- Certificate is revoked
- New version of application is deployed to fix the bug
- Izenpe updates Zlint to 3.6.3
- Izenpe analyzes all certificates issued in the last 13 months
Participants
David Fernandez
External References
Similar Local Cases
Izenpe: Not allowed Qualifier ID OID on Certificate Policies extension
IZENPE: not allowed Key Usage in ocsp responder certificate
Izenpe: Not allowed Qualifier ID OID on Certificate Policies extension of Precertificates
Izenpe: CRL and ARL exceed validity period value by one second
IZENPE: Failed to respond a Certificate Problem Report within 24 hours and create a preliminary report in 72 hours
IZENPE: IssuingDistributionPoint extension in CRLs not marked as Critical
Izenpe: EV certificate with various issues
Izenpe: Intermediate CA certificates not listed in audit report