← Autoridad de Certificación (ANF AC) cases
Bugzilla #1974325
Policy Compliance
ANF AC: Test Certificates Non-Compliance
RESOLVED
FIXED
Autoridad de Certificación (ANF AC)
AI Summary
The CA Owner, Autoridad de Certificación (ANF AC), reported a compliance issue regarding expired test certificates for their Valid and Revoked test websites. The certificates expired on June 17, 2025, violating the Baseline Requirements which mandate that test websites must host valid, unrevoked, and unexpired certificates at all times. The issue was identified on June 26, 2025, and the certificates were replaced by June 30, 2025. The CA has since implemented corrective actions, including a centralized certificate inventory and a recurring compliance task for test website management.
Chronology
- Test Website certificates expired.
- Non-compliance identified.
- Test Website certificates replaced.
- Incident report closure requested.
Participants
Derek R. Greene
Yulier Nuñez
Pablo
External References
Similar Local Cases
ANF AC: Finding #4 ETSI Audit - Missing one Revocation circumstance on CPS
ANF AC: Finding #2 ETSI Audit - Information security policy not updated on the website
ANF: Missing log retention period in Terms and Conditions v1.9
ANF AC: Finding #3 ETSI Audit - Improve documental explanation revocation request >24h on CPS
ANF AC: Finding #1 ETSI Audit - Missing log retention period in Terms and Conditions v1.9
FNMT: Incorrect publication of information for Test Website - Valid
NETLOCK: CA/Browser Forum TLS BR Non-compliance
NETLOCK: Expired Test Website Certificate