← Entrust cases
Bugzilla #1968246
Certificate Problem Report
Entrust: Incomplete privileged access removal within 24 hours
RESOLVED
FIXED
Entrust
AI Summary
Entrust reported an incident where an infrastructure personnel's privileged access to Certificate Systems was not fully disabled within the required 24 hours following their employment termination. This was discovered during a quarterly access review on May 21, 2025. The issue stemmed from a lack of clarity in the de-registration process, which did not explicitly list all privileges that needed to be revoked. Fortunately, no certificates were mis-issued, and the remaining access was revoked on the same day it was detected. Entrust has committed to updating their processes to prevent future occurrences.
Chronology
- Last day of employee holding System Administrator Trusted Role.
- Quarterly access review begins; incomplete access removal discovered.
- Preliminary incident report posted.
- Full incident report posted.
- Report closure summary provided; remediation actions completed.
Participants
Bruce Morton
External References
Similar Local Cases
Entrust: S/MIME Certificate Issued with Incorrect Policy OID
Entrust: SSL Certificates issued with Un-verified IP Addresses
Entrust: Delayed Revocation for S/MIME certificates
Entrust: Certificate issued with '-' in ST field
Entrust: S/MIME mailbox address case mismatch between subject and subjectAltName
Entrust: Printable String Constraint Failure
Entrust: Incorrect keyUsage for ECC certificate
Entrust: Test Website Certificates Expired