← DigiCert cases
Bugzilla #1353827 · Certificate Misissuance
DigiCert: DigiCert issued cert with CN too long
DigiCert · RESOLVED
AI Summary
DigiCert issued a certificate with a commonName (CN) that exceeded the RFC 5280 limit of 64 characters, resulting in a compliance issue. The incident was reported on the Mozilla dev security policy forum, prompting an investigation by DigiCert. They acknowledged the mistake, revoked the certificate, and implemented measures to prevent future occurrences. The case has since been resolved with the necessary corrections made to their systems.
Chronology
- Incident reported and investigation initiated
- Certificate revoked and system patched
Participants
Kathleen Wilson
Jeremy Rowley
Ryan Sleevi
External References
Similar Local Cases
DigiCert / Siemens: Insufficient Serial Number Entropy
DigiCert / Swiss Government: CommonName not in SANs
DigiCert / Telecom Italia: Several Problems
DigiCert / Inteso San Paulo: Double dot characters
DigiCert: "Some-State" in stateOrProvinceName
DigiCert / Justica: Invalid DNS names
DigiCert: Verizon mis-issued test certificates
DigiCert / Terena: Metadata in OU fields