← Telia Company cases
Bugzilla #1940957
Certificate Problem Report
Telia: TLS OV certificate with subject countryName and localityName mismatch
RESOLVED
FIXED
Telia Company
AI Summary
Telia CA issued a certificate with a mismatch between the subject's countryName (FI) and localityName (Solna, SE). The certificate was issued to an authorized subscriber but was never put into production. Upon discovery of the mismatch through daily validation, Telia CA promptly revoked the certificate and halted further issuance until the underlying software defect was addressed. Remediation included enhancing validation checks and implementing pre-issuance linting to prevent future occurrences.
Chronology
- CSR request for certificate issuance received
- Certificate revoked after validation detected mismatch
- Custom linting solution deployed in production
Participants
Antti Backman
External References
Similar Local Cases
Telia: Delayed revocation of seven (7) certificates related to incident 1896108
Telia: Findings in 2025 ETSI Audit - Incident Report #1 – Vulnerability management
Telia: Inccorrect CRL URL on a Root CA record in CCADB
Telia: Certificates with RSA keys where modulus is not divisible by 8
Telia: Disallowed curve (P-521) in leaf certificate
Telia: Invalid email contact address was used for few domains
Telia: Issued three precertificates with non-NIST EC curve
Telia: Delayed revocation of 5 EE certificates in connection to id=1736020