← AC Camerfirma, S.A. cases
Bugzilla #723722 · Certificate Problem Report
EV SSL certificate (and OCSP response) for www.camerfirma.com fails to meet EV Guidelines
AC Camerfirma, S.A. · RESOLVED
AI Summary
The EV SSL certificate for www.camerfirma.com was found to be non-compliant with EV guidelines, failing to display the expected green bar in browsers. Issues included a 1024-bit key and an outdated OCSP response. After discussions, Camerfirma addressed these problems by updating their OCSP responder and reissuing certificates with the correct key length. The issue has since been resolved, and the green bar now appears correctly.
Chronology
- Initial report of EV compliance issue
- Discussion on certificate issues and OCSP response
- Camerfirma commits to fixing OCSP and key length
- Confirmation of issue resolution and compliance
Participants
Kathleen Wilson
Ramiro from Camerfirma
Matti Mversen
Eddy Nigg
External References
Similar Local Cases
Camerfirma: certs with duplicate SANs and without localityName or stateOrProvinceName
Camerfirma: Startcom are issuing by proxy using Camerfirma
StartCom cert not working in Firefox 4 beta
GoDaddy's intermediate CA not in the Mozilla CA bundle
StartCom: IV without localityName or stateOrProvinceName
StartCom: public exponent is 1
StartCom: OCSP responder often returns "unknown" for recently-issued certificates
Clarification requested regarding remediation of StartCom certificate issuance vulnerability