Bugzilla #1936906
Certificate Misissuance
DigiCert: Invalid Characters in S/MIME Subject Fields
RESOLVED
DigiCert
AI Summary
DigiCert experienced a misissuance of 21 S/MIME certificates due to a configuration error in their linting process, which allowed invalid characters in subject fields. The issue was identified through post-issuance checks, leading to the immediate revocation of the affected certificates. Remediation steps included fixing the linting configuration and enhancing logging and alerting mechanisms. DigiCert is committed to maintaining compliance and is in the process of deprecating the legacy system involved.
Chronology
- Issue reported via post-issuance linting
- All affected certificates revoked
- Incident report closure summary drafted
- Bug ready to close
Participants
Tim Hollebeek
Martijn Katerbarg
Ben Wilson
Similar Local Cases
Digicert: Failure to include CPS URI in 1 certificate
DigiCert: Mis-issuance of certificate with https in CN/SAN
DigiCert / Inteso San Paulo: Double dot characters
DigiCert / Justica: Invalid DNS names
Sectigo: Incorrect inclusion of DBA name
DigiCert: Unclear Disclosure of CAA Issuer Domain Names
Sectigo: Misspelled city name in localityName field
Sectigo: SMIME issuance with insufficient validation of mailbox authorization or control