← Consorci Administració Oberta de Catalunya (Consorci AOC, CATCert) cases
Bugzilla #1390988 Certificate Problem Report

Consorci AOC: Non-BR-Compliant Certificate Issuance

RESOLVED FIXED Consorci Administració Oberta de Catalunya (Consorci AOC, CATCert)
AI Summary

The Consorci Administració Oberta de Catalunya (Consorci AOC) faced issues with the issuance of non-BR-compliant certificates, specifically involving invalid DNS names. The CA was alerted to these problems through a Bugzilla report and discussions in the mozilla.dev.security.policy forum. In response, the CA confirmed that it had ceased issuing problematic certificates and implemented additional controls to prevent future occurrences. A total of 11 misissued certificates were identified, and the CA has since revoked them. The CA has committed to regular updates and improvements to their processes to ensure compliance with industry standards.

Model: gpt-4o-mini Generated: 2026-06-13 17:04 UTC Confidence: 0.90
Chronology
  1. Initial report of non-compliance issues.
  2. CA confirmed cessation of problematic certificate issuance.
  3. CA implemented additional validation checks.
  4. Migration to BR-compliant certificate profiles completed.
  5. All previously issued non-compliant certificates revoked.
Participants
Kathleen Wilson Francesc Ferrer Ryan Sleevi Gervase Markham Wayne Thayer
External References
Original Bugzilla Case
Similar Local Cases
#1450805 RESOLVED Certificate Problem Report Opened 2018-04-02 · Closed 2022-11-14 · 73% similar
Add Consorci AOC "old" hierarchy to OneCRL
AI Summary CA Owner
#1390977 RESOLVED Certificate Problem Report Opened 2017-08-16 · Closed 2023-02-22 · 71% similar
Camerfirma: Non-BR-Compliant Certificate Issuance
AI Summary CA Owner
#1391087 RESOLVED Certificate Problem Report Opened 2017-08-16 · Closed 2023-02-22 · 69% similar
Visa: Non-BR-Compliant Certificate Issuance
AI Summary CA Owner
#1538673 RESOLVED Certificate Problem Report Opened 2019-03-25 · Closed 2023-02-22 · 68% similar
Consorci AOC: EC-SECTORPUBLIC insufficient serial number entropy
AI Summary CA Owner
#1393557 RESOLVED Certificate Problem Report Opened 2017-08-24 · Closed 2023-02-22 · 67% similar
GlobalSign: Non-BR-Compliant Certificate Issuance -- RSA key smaller than 2048 bits
AI Summary CA Owner
#1398259 RESOLVED Certificate Problem Report Opened 2017-09-08 · Closed 2023-02-22 · 65% similar
SECOM: Non-BR-Compliant OCSP Responders
AI Summary CA Owner
#1467110 RESOLVED Certificate Problem Report Opened 2018-06-06 · Closed 2024-05-09 · 64% similar
Consorci AOC: OCSP responding good for non-issued certs by Consorci AOC root already solved
AI Summary CA Owner
#1428832 RESOLVED Certificate Problem Report Opened 2018-01-08 · Closed 2023-02-22 · 64% similar
Consorci AOC: Problem reporting mechanism for Consorci AOC points to URL with invalid cert
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action