DigiCert: CAA processing during network disruption

DigiCert experienced a network disruption on February 12, 2026, which led to the issuance of certificates without proper CAA verification. The CAA Service incorrectly treated internal timeouts as external DNS lookup failures, resulting in 41,105 certificates being affected. All affected certificates were revoked within the required timeframes, and DigiCert has since implemented measures to ensure compliance with TLS BR requirements.

1. 2026-02-12 MPIC Service experiences intermittent disruption
2. 2026-02-13 Third party reports potential mis-issuance
3. 2026-02-14 Initial certificate revoked
4. 2026-02-16 All remaining valid certificates revoked
5. 2026-04-07 Incident report closure summary provided