← DigiCert cases
Bugzilla #1397951 · Certificate Problem Report
DigiCert / InfoCert: Insufficient Serial Number Entropy
DigiCert · RESOLVED
AI Summary
This case addresses an incident involving DigiCert's subCA, InfoCert, which had insufficient serial number entropy leading to the revocation of three certificates. The issue was reported on August 10, 2017, and the subCA was revoked on August 1, 2017. DigiCert has since implemented process changes to ensure timely uploads to OneCRL and prevent similar issues in the future.
Chronology
- Sub CA was revoked
- Problem reported via certificate problem report
- Case resolved
Participants
Kathleen Wilson
Jeremy Rowley
Ryan Sleevi
Ben Wilson
External References
Similar Local Cases
DigiCert: Certificate Issues Identified on the Mailing List
DigiCert: Failure to revoke key-compromised certificates within 24 hours
DigiCert / CTJ: Metadata in OU fields, Reserved IP Address
DigiCert: Non-BR-Compliant OCSP Responders
DigiCert: OCSP responder returning invalid responses
DigiCert: no subject alternative name in Siemens certs
Digicert: Preview certificate uploaded to CCADB instead of the actual certificate
DigiCert: Issuance of Cert with Compromised Key