← SSL.com cases
Bugzilla #1962809
Certificate Problem Report
SSL.com: Expired certificate for a “Valid” Test Website
RESOLVED
FIXED
SSL.com
AI Summary
SSL.com experienced an incident where a test website's valid TLS certificate expired and was not promptly replaced. The issue was reported by a third party, leading to the immediate replacement of the expired certificate. An internal investigation revealed that alerts for expiring certificates were overlooked due to being sent to a high-volume email inbox. SSL.com has since implemented an external monitoring system for better visibility and tracking of certificate expirations, and has committed to improving their alerting processes and certificate management strategies.
Chronology
- Certificate for test-ev-ecc.ssl.com expired.
- Third-party report submitted regarding the expired certificate.
- Internal ticket registered confirming the incident.
- Full Incident Report submitted.
- Incident Closure Summary provided.
Participants
Rebecca Kelley
Luis C.
Chrome Root Program
CCADB Incident Reporting
External References
Similar Local Cases
SSL.com: Revocation process requires submission to a form that is unusable
SSL.com: Issuance of certificates using keys previously reported as compromised
SSL.com: Delay in publishing OCSP responses
SSL.com: Entrust API and CAA checking
SSL.com: Failure to process CAA records from one SubCA
SSL.com: Issuance of 1 EV TLS certificate using a Registration/Incorporation Agency not included in our approved public list.
SSL.com: DCV bypass and issue fake certificates for any MX hostname
SSL.com: Precertificates without corresponding certificates return OCSP value of "Unknown"