DigiCert: Some certificates issued with CRLDPs that don’t exactly match CCADB disclosures

DigiCert reported an incident involving a small number of issued certificates with CRLDP URLs that did not match those disclosed in the Common CA Database (CCADB). Initial reports indicated four mismatched URLs, but further investigation revealed 334 affected URLs. The issue arose from changes to the CCADB API that disrupted automated CRL synchronization, leading to reliance on manual updates. The discrepancies were resolved, and measures have been implemented to prevent future occurrences.

1. 2025-12-20 Preliminary incident report filed
2. 2025-12-31 Full incident report submitted
3. 2026-01-30 Issue resolved
4. 2026-02-01 Automated CRLDP updates restored
5. 2026-02-10 Final call for comments on incident report