← DigiCert cases
Bugzilla #1451446 · Certificate Misissuance
DigiCert / ABB: greater than 825 day cert issuance
DigiCert · RESOLVED
AI Summary
DigiCert identified that its SubCA, ABB, issued a certificate with a lifespan exceeding the 825-day limit. The issue was reported on March 16, 2018, leading to immediate revocation of the certificate. DigiCert has since reinforced communication with its subCAs to prevent future occurrences and has moved ABB to a managed service to ensure compliance with certificate issuance policies.
Chronology
- Ballot 193 maximum 825-day life takes effect
- ABB mis-issued a certificate valid for 30 months
- DigiCert notified of the mis-issuance
- ABB ceased issuing certificates
Participants
Brenda Bernal
External References
Similar Local Cases
DigiCert: Internal Domain Name cert mis-issuance
DigiCert: "Some-State" in stateOrProvinceName
DigiCert: SHA-1 intermediate issued after 2016-01-01
DigiCert: Underscores - Intuit
DigiCert / Justica: Invalid DNS names
DigiCert: DigiCert issued cert with CN too long
DigiCert / Inteso San Paulo: Double dot characters
DigiCert: Mis-issuance of certificate with https in CN/SAN