← Government of Spain, Fábrica Nacional de Moneda y Timbre (FNMT) cases
Bugzilla #2012326 Certificate Misissuance

FNMT: Issuance of certificate using keys previously reported as compromised

RESOLVED FIXED Government of Spain, Fábrica Nacional de Moneda y Timbre (FNMT)
AI Summary

On January 23, 2026, FNMT-RCM was informed of a TLS certificate mis-issuance due to the use of a previously revoked private key that had suffered a key compromise. An investigation revealed that three certificates were affected, with one still active at the time of the incident. The affected certificate was revoked within 24 hours, and FNMT has committed to improving its monitoring processes to prevent future occurrences. The incident was reported by a third party, highlighting the need for enhanced verification and automated checks.

Model: gpt-4o-mini Generated: 2026-06-13 21:15 UTC Confidence: 0.95
Chronology
  1. Incident reported by third party
  2. Preliminary Incident Report opened
  3. Full Incident Report submitted
  4. Report closure summary provided
Participants
Amaya Espinosa
External References
Original Bugzilla Case cabforum.org crt.sh crt.sh
Related Bugzilla IDs Mentioned
#2012157 #2012274
Similar Local Cases
#1922906 RESOLVED Certificate Misissuance Opened 2024-10-05 · Closed 2025-02-12 · 59% similar
FNMT: LDAP URI in CRL Distribution Points Extension
AI Summary CA Owner
#1495507 RESOLVED Certificate Misissuance Opened 2018-10-01 · Closed 2023-02-22 · 50% similar
FNMT: OU exceeds 64 characters
AI Summary CA Owner
#1696872 RESOLVED Certificate Misissuance Opened 2021-03-08 · Closed 2025-03-20 · 50% similar
FNMT: Missisuance of web site certificates without CA/Browser Forum’s reserved policy OID
AI Summary CA Owner
#2012157 RESOLVED Certificate Misissuance Opened 2026-01-23 · Closed 2026-03-08 · 49% similar
Actalis: Issuance of certificate using keys previously reported as compromised
AI Summary CA Owner
#1715929 RESOLVED Certificate Misissuance Opened 2021-06-11 · Closed 2023-02-22 · 44% similar
Sectigo: Incorrect EV businessCategory
AI Summary CA Owner
#1500621 RESOLVED Certificate Misissuance Opened 2018-10-19 · Closed 2023-02-22 · 43% similar
DigiCert: Internal Domain Name cert mis-issuance
AI Summary CA Owner
#1595921 RESOLVED Certificate Misissuance Opened 2019-11-12 · Closed 2023-02-22 · 43% similar
DigiCert: Domain validation skipped
AI Summary CA Owner
#1563574 RESOLVED Certificate Misissuance Opened 2019-07-04 · Closed 2023-02-22 · 43% similar
SECOM: Failure to disclose Unconstrained Intermediate within 7 Days
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action