← Visa cases
Bugzilla #2032468 Certificate Misissuance

VISA: Misissuance detected by PKIMetal

ASSIGNED Visa
AI Summary

Visa has acknowledged a misissuance incident involving certificates issued under the Visa Public RSA Root CA that exceeded the maximum validity period allowed by the CA/Browser Forum Baseline Requirements. The issue was identified on April 16, 2026, and involved 233 certificates, with 124 deemed affected. Visa is currently transitioning to a new root, the Visa TLS Root CA, to ensure compliance and has initiated a replacement and revocation plan for the affected certificates. The community has raised concerns regarding the timeliness and transparency of Visa's responses and the adequacy of their compliance processes.

Model: gpt-4o-mini Generated: 2026-06-13 20:53 UTC Confidence: 0.90
Chronology
  1. Transition strategy defined for Visa Public RSA Root CA.
  2. CCADB inclusion requests submitted for Visa TLS Root CA.
  3. New maximum validity period for TLS certificates takes effect.
  4. Misissuance identified by PKIMetal.
  5. Non-compliance ended with updated processes.
Participants
ijeun@visa.com incident-reporting@ccadb.org trusten.sec@gmail.com rdaurne77@gmail.com Zacharias.bjorngren@gmail.com
External References
Original Bugzilla Case crt.sh crt.sh www.ccadb.org
Similar Local Cases
#2009941 RESOLVED Certificate Misissuance Opened 2026-01-13 · Closed 2026-04-06 · 55% similar
Firmaprofesional: Misissuance of TLS Subordinate CA "AC Firmaprofesional - Secure Web 2024"
AI Summary CA Owner
#2032476 RESOLVED Certificate Misissuance Opened 2026-04-16 · Closed 2026-05-07 · 55% similar
Microsoft PKI Services: Misissuance detected by PKIMetal
AI Summary CA Owner
#2014609 RESOLVED Certificate Misissuance Opened 2026-02-05 · Closed 2026-04-11 · 53% similar
IdenTrust: Cross-signed root certificate mis-issuance
AI Summary CA Owner
#1315016 RESOLVED Certificate Misissuance Opened 2016-11-03 · Closed 2022-11-14 · 50% similar
SHA-1 issuance by Visa root
AI Summary CA Owner
#2032473 ASSIGNED Certificate Misissuance Opened 2026-04-16 Still Open · 49% similar
CCA India: Misissuance detected by PKIMetal
AI Summary CA Owner
#2032478 ASSIGNED Certificate Misissuance Opened 2026-04-16 Still Open · 48% similar
Government of Korea: Misissuance detected by PKIMetal
AI Summary CA Owner
#2032482 ASSIGNED Certificate Misissuance Opened 2026-04-16 Still Open · 48% similar
OATI: Misissuance detected by PKIMetal
AI Summary CA Owner
#2032485 RESOLVED Certificate Misissuance Opened 2026-04-16 · Closed 2026-05-04 · 48% similar
DigiCert: Misissuance detected by PKIMetal
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action