← Microsoft Corporation cases
Bugzilla #1974592 Certificate Problem Report

Microsoft PKI Services: Pre-Sign Linting Validation did not occur in ICA creation

RESOLVED FIXED Microsoft Corporation
AI Summary

Microsoft PKI Services issued five new intermediate certificate authorities (ICAs) from Microsoft TLS RSA Root G2 without the required pre-sign linting validation, violating compliance expectations. The issue was identified during a post-issuance review on June 26, 2025, and all impacted ICAs were revoked by July 1, 2025. The root cause was a misconfiguration in the administrative tool that set the linting requirement flag to false. Remedial actions included updating the configuration management tool, improving UI visibility for critical settings, and expanding regression testing.

Model: gpt-4o-mini Generated: 2026-06-13 21:22 UTC Confidence: 1.00
Chronology
  1. Non-compliance identified during post-issuance review.
  2. Impacted ICAs revoked.
  3. Closure report submitted.
Participants
CentralPKI@microsoft.com
External References
Original Bugzilla Case cabforum.org www.microsoft.com
Similar Local Cases
#2009543 RESOLVED Certificate Problem Report Opened 2026-01-10 · Closed 2026-02-09 · 59% similar
Microsoft PKI Services: Improper Disclosure of CRLs – Does Not Match CA Subject
AI Summary CA Owner
#2009545 RESOLVED Certificate Problem Report Opened 2026-01-10 · Closed 2026-02-11 · 57% similar
Microsoft PKI Services: Improper Disclosure of CRLs – Protocol Scheme
AI Summary CA Owner
#2009539 RESOLVED Certificate Problem Report Opened 2026-01-10 · Closed 2026-02-17 · 57% similar
Microsoft PKI Services: Improper Disclosure of CRLs – IDP – Existing CAs
AI Summary CA Owner
#2008847 RESOLVED Certificate Problem Report Opened 2026-01-06 · Closed 2026-02-17 · 57% similar
Microsoft PKI Services: Sample Site Certificates expired
AI Summary CA Owner
#2007221 RESOLVED Certificate Problem Report Opened 2025-12-20 · Closed 2026-03-02 · 57% similar
Microsoft PKI Services: Improper Disclosure of CRL
AI Summary CA Owner
#1999850 ASSIGNED Certificate Problem Report Opened 2025-11-13 Still Open · 57% similar
Microsoft PKI Services: OCSP Non-Compliance
AI Summary CA Owner
#1970968 RESOLVED Certificate Problem Report Opened 2025-06-06 · Closed 2025-07-08 · 57% similar
Microsoft PKI Services: Incorrect Revocation Reason Code
AI Summary CA Owner
#2009542 RESOLVED Certificate Problem Report Opened 2026-01-10 · Closed 2026-02-17 · 56% similar
Microsoft PKI Services: Improper Disclosure of CRLs – IDP – New CAs
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action