← Chunghwa Telecom cases
Bugzilla #2005567
Certificate Problem Report
Chunghwa Telecom: CA Certificates Published in PEM format
RESOLVED
FIXED
Chunghwa Telecom
AI Summary
Chunghwa Telecom reported an incident where a SubCA certificate file was served in PEM format instead of the required DER format as per RFC 5280. This issue was identified through a third-party report, and the affected URI was promptly updated to comply with the standards. The incident raised concerns about potential impacts on application systems relying on the CA Issuer information for validation. Following the incident, Chunghwa Telecom implemented several corrective measures, including automated verification processes and updates to internal procedures to prevent recurrence.
Chronology
- SubCA certificate issued
- Non-compliance identified
- File replacement completed
- Incident report closure summary provided
Participants
Tsung-Min Kuo
External References
Related Bugzilla IDs Mentioned
Similar Local Cases
Chunghwa Telecom: Test Website certificate not revoked
Chunghwa Telecom: Issuance of certificate using keys previously reported as compromised
Chunghwa Telecom: OV TLS Server certificate issuance by GTLSCA without proper validation
Chunghwa Telecom: Failure to respond to CPR within 24 hours
Chunghwa Telecom: Failure to check restrictive CAA record during Migration
Chunghwa Telecom: “Test Website - Valid" URL disclosed to CCADB is expired
Chunghwa Telecom: TLS Certificates Contains two LocalityName Values in SubjectDN by GTLSCA
Chunghwa Telecom: Controversial Values within Extension (2.5.29.9, subjectDirectoryAttributes)