← GlobalSign nv-sa cases
Bugzilla #2007098
Certificate Problem Report
GlobalSign: misalignment of CRL URL in CCADB with issued certificates
RESOLVED
FIXED
GlobalSign nv-sa
AI Summary
A misalignment was identified between the CRL URL in the CCADB and the URLs present in issued certificates for GlobalSign's Extended Validation CA - SHA256 - G3. The CCADB entry had a URL without the '/gs/' qualifier, while the issued certificates included it. Although both URLs directed to the same CRL, this discrepancy violated CCADB Policy section 6.2, which mandates exact matches. The issue was reported by a third party and was resolved by updating the CCADB record. GlobalSign has since implemented an automated profile check to prevent future occurrences.
Chronology
- Non-compliance start date
- Non-compliance identified and corrected
- Automated profile check implemented
- Closure report submitted
Participants
Christophe Bonjean
External References
Related Bugzilla IDs Mentioned
Similar Local Cases
GlobalSign: Certificate issued to FQDN with malformed CAA
GlobalSign: CRLs reported in CCADB unavailable
GlobalSign: OCSP responder certificates with more than 64 characters in CN
GlobalSign: Three (3) revoked precertificates with reasonCode “certificateHold”
GlobalSign: EV TLS certificate with only metadata in JOI State field
GlobalSign: Incorrect whois information for TLD
GlobalSign: Organization-validated SMIME certificate with invalid organizationIdentifier for European country
Globalsign: Delayed revocation