Hello, On Mon, 16 Mar 2026 06:43:10 -0700 (PDT) "Yuwei HAN (hanyuwei70)" <[email protected]> wrote:
> https://crt.sh/?id=24937759962 private key is leaked, and subCA > WoTrus RSA DV SSL CA 2 (https://crt.sh/?caid=427494) seems lack a > quick way (posting by web form) to submit revocation request. So the > report is posted to Sectigo. For what it's worth, I guess you're talking about this key: https://x.com/realNyarime/status/2033428417488757122 Sectigo offers an ACME endpoint to revoke certs, and I can say from experience that this also works with their branded sub-CAs. I just tried to revoke the cert, but it was already revoked. Sectigo ACME endpoint URL is: https://acme.sectigo.com/v2/keyCompromise -- Hanno Böck - Independent security researcher https://itsec.hboeck.de/ https://badkeys.info/ -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/20260316154035.44324e46%40hboeck.de.
