← eMudhra Technologies Limited cases
Bugzilla #1970728
Certificate Problem Report
eMudhra: Invalid CRL signatures
RESOLVED
FIXED
eMudhra Technologies Limited
AI Summary
On June 5, 2025, it was reported that eMudhra Technologies Limited published six Certificate Revocation Lists (CRLs) with invalid ECDSA signatures due to incorrect private key usage. This issue was identified following an external alert from Sectigo. The CRLs were generated on May 29, 2025, and the problem was resolved by June 6, 2025, when correctly signed CRLs were published. No end entity certificates were affected as none had been issued under the impacted Intermediate CAs. The incident was attributed to a procedural error in the manual CRL generation process, which has since been automated to prevent future occurrences.
Chronology
- CRLs generated with incorrect key configuration
- Initial alert sent by Sectigo, quarantined
- Follow-up alert received, issue acknowledged
- Correct CRLs published
Participants
Rob Stradling
Naveen Kumar ML
External References
Similar Local Cases
eMudhra: Failure to respond to a Problem Report within 24 hours
eMudhra emSign PKI Services: Policy Document Inconsistency
eMudhra emSign PKI Services: CA Certificates not published in DER Encoded Format
eMudhra: Delayed Publication of Issuing CA Certificates In CCADB
eMudhra emSign PKI Services : OCSP Responder Time Inconsistency
eMudhra emSign PKI Services : Key Blocking Mechanism Fails to Validate Historical Public Key Reuse.
eMudhra emSign PKI Services : Issue with revocation as part of automated reissuance
QuoVadis / Freistaat Bayern: Non-BR-compliant Key Usage