← PostSignum cases
Bugzilla #2021239
Certificate Problem Report
PostSignum: Length Subject organizationName
RESOLVED
FIXED
PostSignum
AI Summary
PostSignum reported an incident involving the issuance of certificates with organization names exceeding 64 characters, violating established policy. The issue was identified after a third-party report highlighted a certificate issued in January 2026. A total of 12 certificates were affected, with 7 remaining valid at the time of reporting. The CA acknowledged misinterpretation of verification requirements, leading to the erroneous issuance. All impacted certificates have since been revoked, and the CA has committed to preventing future occurrences of this issue.
Chronology
- Received a Certificate Problem Report identifying a certificate with a long organization name.
- Non-compliance identified regarding organization name length.
- Preliminary Incident Report established.
- All impacted certificates have been revoked.
Participants
CA PostSignum
External References
Similar Local Cases
Sectigo: Certificate issuance by non-compliant Extant S/MIME CA
TWCA: TLS EV certificates with invalid subject attribute order
Microsoft PKI Services: Issuance of intermediates after 2019-01-01 that do not comply with Mozilla Policy
D-TRUST: EV certificates with incorrectly used businessCategory entry
SwissSign: Certificate issue with Signature
SSL.com: Incorrect Open MPIC Lambda implementation by EJBCA ACME Service
Sectigo: invalid dnsName
Bug in GlobalSign Certificate Centre not populating EKUs in 68 SSL certificates