Mis-Issuance of a SSL multi-domain certificate

To whom it may concern We have to inform you about a mis-issuance of a SSL multi-domain certificate with a wrong SAN entry showing the word “dns” again (no valid FQDN). We detected this error this morning based on our now implemented cablint based error detection system. The certificate concer

Re: Incident Certificate signed with SHA1 Violation BR 7.3.1

Am Freitag, 15. September 2017 16:25:36 UTC+2 schrieb Gervase Markham: > On 15/09/17 13:55, cornelia.enk...@gmail.com wrote: > > technically the CA now is disabled to sign certificates using SHA1 > > But presumably you thought that was true before this incident? (And if > not, why not?) > > Gerv

Re: Doppelganger/tripleganger intermediate certificates

Thanks, Rob, for the investigation. We detected that the certificates were incorrectly issued in 2009 with a double serial number. The CA software used in recent years had special protection against abusive issuing and revocation of certificates with the same serial number. This led to the situa