← D-TRUST cases
Bugzilla #1563772 Certificate Problem Report

D-TRUST: Precertificate OU > 64 Characters

RESOLVED FIXED D-TRUST
AI Summary

D-TRUST identified an issue where the Organizational Unit (OU) field of precertificates exceeded the maximum length of 64 characters. This was discovered during an internal quality assurance check on July 5, 2019, leading to immediate corrective actions including stopping issuance and investigating the error. The root cause was determined to be a failure in the X.509 controls for precertificates, which had not effectively checked the field length in this specific case. D-TRUST has since implemented additional monitoring and control measures to prevent similar issues in the future.

Model: gpt-4o-mini Generated: 2026-06-13 18:16 UTC Confidence: 0.90
Chronology
  1. Internal quality assurance noticed the error
  2. Issuing stopped
  3. Revocation of defective pre-certificates
  4. Final incident report published
Participants
Enrico Entschew Ryan Sleevi Kim Nguyen
External References
Original Bugzilla Case crt.sh crt.sh
Similar Local Cases
#1567588 RESOLVED Certificate Problem Report Opened 2019-07-19 · Closed 2023-02-22 · 73% similar
D-TRUST: incorrectly formatted businessCategory entry
AI Summary CA Owner
#1390990 RESOLVED Certificate Problem Report Opened 2017-08-16 · Closed 2023-02-22 · 73% similar
D-TRUST: Non-BR-Compliant Certificate Issuance
AI Summary CA Owner
#1509512 RESOLVED Certificate Problem Report Opened 2018-11-23 · Closed 2023-02-22 · 62% similar
D-TRUST: syntax error in one tls certificate
AI Summary CA Owner
#1521950 RESOLVED Certificate Problem Report Opened 2019-01-22 · Closed 2023-02-22 · 50% similar
QuoVadis: BR Error - san dns name starts with period
AI Summary CA Owner
#1551362 RESOLVED Certificate Problem Report Opened 2019-05-14 · Closed 2023-02-22 · 50% similar
Sectigo: "Some-State" in stateOrProvinceName
AI Summary CA Owner
#1532333 RESOLVED Certificate Problem Report Opened 2019-03-04 · Closed 2023-02-22 · 50% similar
Camerfirma: Unrevocation of MULTICERT SSL Certification Authority 001 certificate
AI Summary CA Owner
#1550575 RESOLVED Certificate Problem Report Opened 2019-05-09 · Closed 2023-02-22 · 50% similar
Asseco DS / Certum: commonName not from subjectAltName entries
AI Summary CA Owner
#1398251 RESOLVED Certificate Problem Report Opened 2017-09-08 · Closed 2023-02-22 · 49% similar
Staat der Nederlandend / PKIoverheid: Non-BR-Compliant OCSP Responders
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action