Certificate with invalid CN and dnsName issued by certSIGN
156 views
Skip to first unread message
Jonathan Rudenberg
unread,
Aug 2, 2017, 12:28:48 PM8/2/17
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to mozilla-dev-s...@lists.mozilla.org, off...@certsign.ro
This certificate, issued on July 27 by certSIGN, has an invalid common name of “todyro_2017” and an invalid SAN dnsName of “ tody.ro” (note the leading space):
The above is not the first certificate issued by certSIGN with a leading space in a dnsName, which points to a failure in technical controls. Here is another one: