← China Financial Certification Authority (CFCA) cases
Bugzilla #1532429 Certificate Problem Report

CFCA: Invalid TLD in SAN

RESOLVED FIXED China Financial Certification Authority (CFCA)
AI Summary

The China Financial Certification Authority (CFCA) addressed an issue regarding a certificate with an invalid domain in the Subject Alternative Name (SAN) field. This problem was identified through community reports, and CFCA confirmed that the certificate had not been deployed in production and was revoked on March 1, 2019. They implemented a fix on February 27, 2019, and have since updated their processes to prevent similar issues, including the introduction of a hard fail detection mechanism and enhanced employee training.

Model: gpt-4o-mini Generated: 2026-06-13 18:05 UTC Confidence: 1.00
Chronology
  1. CFCA implemented a fix for the invalid SAN issue.
  2. CFCA revoked the problematic certificate.
  3. All questions were answered and remediation was confirmed as completed.
Participants
Wayne Thayer Jonathan Sun Ryan Sleevi Oliver
External References
Original Bugzilla Case crt.sh wiki.mozilla.org
Similar Local Cases
#1524733 RESOLVED Certificate Problem Report Opened 2019-02-02 · Closed 2023-02-22 · 78% similar
CFCA: invalid dnsNames
AI Summary CA Owner
#1532559 RESOLVED Certificate Problem Report Opened 2019-03-05 · Closed 2023-02-22 · 77% similar
CFCA: Wrong SerialNumber encoding
AI Summary CA Owner
#1524143 RESOLVED Certificate Problem Report Opened 2019-01-31 · Closed 2023-02-22 · 76% similar
CFCA: Internal iPAddress in certificate
AI Summary CA Owner
#1532113 RESOLVED Certificate Problem Report Opened 2019-03-03 · Closed 2023-02-22 · 70% similar
CFCA: O > 64 characters
AI Summary CA Owner
#1558552 RESOLVED Certificate Problem Report Opened 2019-06-11 · Closed 2023-02-22 · 60% similar
SwissSign: CP/CPS certificate profile issue
AI Summary CA Owner
#1576283 RESOLVED Certificate Problem Report Opened 2019-08-23 · Closed 2023-02-22 · 59% similar
QuoVadis: N/A in EV serialNumber field
AI Summary CA Owner
#1544722 RESOLVED Certificate Problem Report Opened 2019-04-16 · Closed 2023-02-22 · 59% similar
SECOM: certificate for which “L” and “ST” not set
AI Summary CA Owner
#1535871 RESOLVED Certificate Problem Report Opened 2019-03-16 · Closed 2023-02-22 · 58% similar
PKIoverheid: KPN Insufficient Serial Number Entropy
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action