← GoDaddy cases
Bugzilla #2007216
Certificate Problem Report
GoDaddy: CRL Disclosure in CCADB Mismatch with Issued Certificates
ASSIGNED
GoDaddy
AI Summary
GoDaddy has reported a mismatch between the Certificate Revocation List (CRL) disclosed in the CCADB and the CRL listed on their issued certificates. This issue was identified on December 19, 2025, and is related to the incorrect interpretation of CCADB policy requirements regarding CRL disclosures. GoDaddy is actively working to resolve this issue by updating their CRL disclosures and has implemented monitoring to ensure compliance moving forward. The incident does not involve certificate mis-issuance, as it is strictly a disclosure issue.
Chronology
- CCADB Policy 2.0 Effective Date (Out of Compliance Start)
- Non-compliance identified
- Monthly CCADB data disclosure review implemented
- Full review of CCADB policy completed
- Update on CRL JSON arrays for G2 intermediate
- Transitioning issuance to R1 Root hierarchy
Participants
Steven Deitte
CCADB Support
Aaron from Let's Encrypt
External References
Related Bugzilla IDs Mentioned
Similar Local Cases
GoDaddy: CA Certificates Published in PEM format
GoDaddy: Partitioned CRL files missing Issuing Distribution Point
GoDaddy: Missing R1 Intermediate Full CRL URLs in CCADB
GoDaddy: CA Certificates with HTTPS URL in AIA Field
GoDaddy: Precertificates incorrectly logged to DigiCert SCT Logs
GoDaddy: Revocation process is unusable due to contact address not accepting attachments
GoDaddy: Delayed revocation
GoDaddy: Delayed CRL File Updates