← GoDaddy cases
Bugzilla #1963456
Certificate Problem Report
GoDaddy: CA Certificates with HTTPS URL in AIA Field
RESOLVED
FIXED
GoDaddy
AI Summary
GoDaddy identified an incident involving subordinate CA certificates that were issued with an HTTPS URL in the Authority Information Access (AIA) field, which is a violation of the baseline requirements. The issue was discovered on April 28, 2025, and involved two cross-signed subordinate CA certificates. The non-compliance was traced back to human error and misconfiguration in the certificate generation process. GoDaddy promptly revoked the affected certificates and has since implemented measures to prevent similar occurrences in the future.
Chronology
- Incident begins with the issuance of certificates containing HTTPS URLs.
- Non-compliance identified and reported.
- Certificates revoked.
- Incident closure summary submitted.
Participants
Steven Deitte
External References
Similar Local Cases
GoDaddy: CA Certificates Published in PEM format
GoDaddy: Missing R1 Intermediate Full CRL URLs in CCADB
GoDaddy: CRL Disclosure in CCADB Mismatch with Issued Certificates
GoDaddy: Precertificates incorrectly logged to DigiCert SCT Logs
GoDaddy: Certificates with invalid embedded SCT signatures
GoDaddy: Partitioned CRL files missing Issuing Distribution Point
GoDaddy: Delayed CRL File Updates
GoDaddy: Delayed revocation