← Certainly LLC cases
Bugzilla #2052085 Self Reported Incident Incident Ccadb Disclosure Issue

Certainly: Missing audit log entries for certificates issued during capacity testing

ASSIGNED Certainly LLC
This summary was auto-generated by AI and revised by me when needed — accuracy improves with each update. Always refer to the official Bugzilla thread as the authoritative source. If you spot an inaccuracy, let me know via the contact form.
AI Summary

Certainly reported a compliance incident discovered during its annual WebTrust audit. It stated that 5,868 certificates issued during planned capacity characterization testing on 2026-04-01 and 2026-04-02 are missing some or all expected audit log entries. Certainly attributed the root cause to kernel-level syslog socket saturation under sustained high-volume issuance (280–360 certificates/second). The thread states that all affected certificates have since expired (30-day validity) and that zero remain valid. Certainly also said it is developing remediation to prevent this failure pathway and to monitor for missing audit entries in the future. The report notes that Certainly will publish a full incident report by 2026-07-13.

Model: gpt-5.4-nano Generated: 2026-07-04 18:31 UTC Confidence: 0.86 1 comment
Chronology
  1. Certificates were issued during planned capacity characterization testing.
  2. Certificates were issued during planned capacity characterization testing.
  3. Certainly disclosed an incident: missing audit log entries for certificates issued during capacity testing.
Thread Activity
  1. djeffery@fastly.com — Posted a preliminary incident report stating 5,868 capacity-test-issued certificates are missing expected audit log entries, with a stated root cause and planned remediation plus a full incident report publication date of 2026-07-13.
Participants
djeffery@fastly.com
External References
Similar Local Cases
#2052399 UNCONFIRMED Incident Self Reported Incident Repository Issue Opened 2026-07-03 Still Open · 89% similar
Certainly: Expired certificates on "Valid" and "Revoked" test websites
#1968836 RESOLVED Incident Self Reported Incident Opened 2025-05-28 · Closed 2025-08-26 · 78% similar
Certainly: Sample Websites Unavailable
#1954889 RESOLVED Self Reported Incident Revocation Issue Opened 2025-03-19 · Closed 2025-03-28 · 77% similar
Certainly: Early CRL Entry Removal
#2016585 RESOLVED Self Reported Incident Incident Opened 2026-02-12 · Closed 2026-06-15 · 71% similar
IdenTrust: Test Certificates from cross-signed roots not disclosed in CT Logs
#1798053 RESOLVED Incident Opened 2022-10-28 · Closed 2023-02-22 · 71% similar
Certainly: Serving Bad OCSP Responses
#1664328 RESOLVED Incident Self Reported Incident Opened 2020-09-10 · Closed 2023-02-22 · 70% similar
GlobalSign: SHA-256 hash algorithm used with ECC P-384 key
#1771238 RESOLVED Incident Opened 2022-05-25 · Closed 2023-02-22 · 70% similar
Certainly: Serving Expired OCSP Responses
#1534429 RESOLVED Incident Self Reported Incident Opened 2019-03-11 · Closed 2023-02-22 · 70% similar
Camerfirma: Multicert SSL CA 001: Insufficient serial number entropy

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action