September 2025
Unauthorised Issuance
Cloudflare was notified through its vulnerability disclosure programme that Fina CA, a lesser-known Croatian certificate authority, had been issuing unauthorised certificates for 1.1.1.1, Cloudflare's globally used public DNS resolver. The issuance had been going on quietly since February 2024 and produced twelve certificates for the IP address 1.1.1.1 over roughly eighteen months, all without Cloudflare's knowledge or permission. Cloudflare found no evidence of active exploitation, noting that to cause harm an attacker would need both the corresponding private key and a position from which to intercept traffic to 1.1.1.1. The practical exposure was also limited by trust: Fina's root is included in Microsoft's root program but not in the Chrome, Mozilla or Apple root stores, so only Windows and Edge-based clients would have accepted the certificates. The certificates were revoked and the incident was flagged on the Certificate Transparency mailing list.
June 2025
Compliance Failures — Chrome Distrust
Google announced that Chrome 139 (released August 2025) would
stop trusting TLS certificates issued by two CAs: Chunghwa
Telecom (Taiwan's largest telecoms company and operator of
the ePKI CA) and Netlock (a Hungarian CA offering digital
identity and electronic signature services). The decision
came after a sustained period of monitoring by Google's Chrome
Root Program team, which documented a consistent pattern of
compliance failures, broken improvement commitments, and a
failure to make any measurable progress in response to
publicly reported incidents.
This was not a single dramatic breach — it was the slow
erosion of trust through repeated small failures and broken
promises. Google's statement made this clear: "These patterns
represent a loss of integrity and fall short of expectations,
eroding trust in these CA Owners as publicly-trusted
certificate issuers trusted by default in Chrome." Any
certificates issued by either CA after July 31, 2025 began
triggering full-page "Your connection is not private"
warnings in Chrome. It is worth noting that Apple had already
quietly distrusted a Netlock root certificate in November 2024,
foreshadowing Google's more public action. Entrust, distrusted
by Chrome for certificates issued after October 31, 2024, has
since sold its public certificate business to Sectigo.
The Hacker News Report
April 2025
Inadequate Control — Domain Validation Flaw
A security researcher discovered a critical vulnerability in
SSL.com's domain control validation (DCV) process. The flaw lay
in SSL.com's implementation of the "Email to DNS TXT Contact"
validation method: after confirming a challenge sent to the email
address listed in a domain's _validation-contactemail TXT record,
SSL.com also treated the hostname portion of that email address
as a validated domain. In practice, anyone who could create a DNS
TXT record on a domain they controlled, and who held a mailbox at
the target domain (any ordinary user, not an administrator),
could obtain a valid TLS certificate for the target domain.
To prove the flaw, the researcher created a DNS TXT record for
a test domain using an @aliyun.com email address and successfully
obtained a fraudulent certificate for aliyun.com — the official
website of Alibaba Cloud, one of the world's largest cloud
providers. SSL.com identified 11 additional certificates that
had been wrongly issued using the same method and revoked them
all. The vulnerable DCV method was immediately disabled while
a fix was developed. The incident was a stark reminder that
even the most fundamental CA process — confirming you own a
domain before issuing a certificate for it — can be subtly
and dangerously broken.
SecurityWeek Report
July 2024
Technology Malfunction — Mass Revocation Crisis
In one of the most disruptive CA incidents in recent memory,
DigiCert discovered a five-year-old programming bug in its
domain control verification (DCV) process. The flaw meant that
some CNAME-based domain validations were accepted without the
required underscore prefix on the label holding the random
validation value. The underscore exists so that the validation
label can never be an ordinary, resolvable hostname; omitting it
is a small technical change, but one that broke the CA/Browser
Forum Baseline Requirements. Under those rules, DigiCert had no
choice but to revoke all affected certificates within 24 hours.
The scale was staggering — over 83,000 certificates belonging
to around 6,800 customers were impacted, with Censys identifying
more than 33,000 of them actively in use on the public web at
the time.
One affected company, Alegeus (a healthcare financial tech firm),
went as far as seeking a court order to delay revocation,
citing severe risk to its operations. CISA issued an official
alert urging critical infrastructure operators to act
immediately. DigiCert eventually allowed limited extensions for
critical infrastructure operators, but all affected certificates
were revoked no later than August 3, 2024. The incident
reignited a long-running debate about whether the CA/Browser
Forum's 24-hour revocation rule is realistic for large-scale
incidents.
DigiCert Incident Report |
CISA Alert
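Both the SSL.com and the DigiCert incidents above come down to a few lines in a DCV implementation. The block below is an added example, not code from either CA: it models the two Baseline Requirements methods involved, the "Email to DNS TXT Contact" method and the CNAME form of the "DNS Change" method, each in a shape that reproduces the defect described in the text beside a corrected version, plus the audit a CA would run to find already-validated records that lack the underscore. The DNS table, the domains and the CA hostname dcv.example-ca.test are all constructed for the example.

```python
"""Model of two CA/Browser Forum domain-control-validation (DCV) methods, each
in a form that reproduces the defect described in the text and in a corrected
form. DNS data is a constructed in-memory table, not live lookups, and the CA
name dcv.example-ca.test is hypothetical."""

import re

# Constructed zone data: (owner name, record type) -> record values.
DNS = {
    # attacker.test points its validation contact at a mailbox on aliyun.test,
    # a domain the attacker does not control but holds an ordinary account on.
    ("_validation-contactemail.attacker.test", "TXT"): ["user1234@aliyun.test"],
    # customer.test placed the CA's random value in a CNAME label without the
    # required leading underscore; other-customer.test did it correctly.
    ("a1b2c3d4.customer.test", "CNAME"): ["dcv.example-ca.test."],
    ("_e5f6a7b8.other-customer.test", "CNAME"): ["dcv.example-ca.test."],
}


def lookup(name, rtype):
    """Resolve a (name, type) pair against the constructed table."""
    return DNS.get((name.lower().rstrip("."), rtype), [])


def dcv_email_to_dns_txt(authorization_domain, confirmed_mailbox, buggy=False):
    """Email to DNS TXT Contact method (BR 3.2.2.4.14).

    The CA reads the contact address from the _validation-contactemail TXT
    record of the domain being validated and sends a random value to it;
    confirmed_mailbox is the address that returned the value. Returns the set
    of domains the CA may treat as validated."""
    contacts = lookup(f"_validation-contactemail.{authorization_domain}", "TXT")
    if confirmed_mailbox.lower() not in (c.lower() for c in contacts):
        return set()
    validated = {authorization_domain.lower()}
    if buggy:
        # The defect: the mailbox's host part is marked validated as well,
        # although the TXT record proves nothing about who controls it.
        validated.add(confirmed_mailbox.split("@", 1)[1].lower())
    return validated


CA_TARGET = "dcv.example-ca.test"
UNDERSCORE_LABEL = re.compile(r"^_[A-Za-z0-9-]+$")


def dcv_cname_change(domain, random_value, buggy=False):
    """DNS Change method using a CNAME (BR 3.2.2.4.7): the random value must sit
    in a label prefixed with "_" so it can never be an ordinary hostname.
    Returns True when the expected record exists and points at the CA."""
    if buggy:
        # The defect: the bare random value is accepted as the label.
        owner = f"{random_value}.{domain}"
    else:
        owner = f"_{random_value}.{domain}"
        if not UNDERSCORE_LABEL.match(owner.split(".", 1)[0]):
            return False
    return any(t.rstrip(".").lower() == CA_TARGET for t in lookup(owner, "CNAME"))


def audit_cname_validations(validations):
    """Given (domain, label) pairs recorded by past validations, return those
    whose label lacks the underscore prefix: the set a CA would have to revoke."""
    return [(d, lbl) for d, lbl in validations if not lbl.startswith("_")]


if __name__ == "__main__":
    print(dcv_email_to_dns_txt("attacker.test", "user1234@aliyun.test", buggy=True))
    print(dcv_email_to_dns_txt("attacker.test", "user1234@aliyun.test"))
    print(dcv_cname_change("customer.test", "a1b2c3d4", buggy=True))
    print(dcv_cname_change("customer.test", "a1b2c3d4"))
    print(audit_cname_validations([("customer.test", "a1b2c3d4"),
                                   ("other-customer.test", "_e5f6a7b8")]))
```

The buggy email path returns aliyun.test as validated even though the only thing proven is that someone who can edit attacker.test's zone also reads one aliyun.test mailbox; the corrected path returns only the domain the TXT record lives under. The CNAME path shows the same record passing a lax check and failing the strict one, and the audit function is the query DigiCert effectively had to run across five years of validation history.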
June 2024
Entrust Incident, March-May 2024
(Google Chrome 127 and higher distrust certificates issued by Entrust roots whose earliest Signed Certificate Timestamp (SCT) is dated after October 31, 2024)
Entrust, one of the oldest Certification Authorities (CAs), is in
trouble with Mozilla and other root stores. In the last several years,
going back to 2020, there have been multiple persistent technical
problems with Entrust’s certificates. That’s not a big deal when it
happens once, or even a couple of times, and when it’s handled well. But
according to Mozilla and others, it hasn’t been. Over time, frustration
grew. Promises were made, then broken. Finally, in May, Mozilla compiled
a list of recent issues and asked Entrust to formally respond.
Entrust in Trouble
Summary of Entrust Incidents - March-May 2024
Recent Entrust Compliance Incidents - Google Group
Sustaining Digital Certificate Security - Entrust
Certificate Distrust - Google Security Blog
June 2023
Let's Encrypt's Signature Saga: A Tale of Certificates
Gone Astray
Let's Encrypt, a popular certificate authority, recently experienced an
incident in which certificates with invalid signatures were issued,
followed by an issuance outage while it was fixed. The problem arose
during a planned change to their certificate configuration, which caused
discrepancies between the precertificates and the final leaf certificates.
As a result, these certificates did not work in Chrome or Safari.
As soon as the problem was reported, Let's Encrypt paused issuance,
resolved the issue, and revoked the affected certificates as the
Baseline Requirements require. For the incident's details, including
the root cause and impact, see the detailed blog post at:
https://www.agwa.name/blog/post/last_weeks_lets_encrypt_downtime.
June 2023
HiCA's Unconventional Certificate Obtaining Process
Raises Concerns
HiCA has been found injecting arbitrary code into the certificate
obtaining process, raising questions about its safety and intentions.
Rather than running a standard ACME server, it relied on acme.sh
executing server-supplied data as shell commands on users' systems.
This deviation from the ACME protocol and the use of remote command
execution pose real security risks. For details of the incident and
its impact, refer to the analysis in the acme.sh issue:
https://github.com/acmesh-official/acme.sh/issues/4659.
March 2020
Boulder Bug
Let's Encrypt discovered a bug in Boulder's CAA rechecking: when a certificate request contained N domain names whose CAA records needed to be rechecked before issuance, Boulder checked one of the names N times instead of each name once. Around three million certificates were affected. Let's Encrypt revoked roughly 1.7 million of them and, rather than break sites that had not yet renewed, let the remainder be replaced or expire instead of revoking them on the 24-hour timeline.
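The Boulder defect is easy to see once the recheck loop is written out. The block below is an added example, not Boulder's code: a small CAA evaluator in the style of RFC 8659 (climbing from the name to its parents until a CAA record set is found, and honouring issuewild for wildcard names) with the recheck loop in the buggy shape Let's Encrypt described beside the corrected one. The CAA table and domain names are constructed for the example; issuance-time rechecks exist because the Baseline Requirements only allow a CAA result to be relied on for eight hours, which is shorter than the lifetime of a cached authorization.

```python
"""Minimal CAA evaluator (RFC 8659) and the issuance-time recheck loop in the
buggy shape Let's Encrypt described for Boulder, beside the corrected loop.
CAA data is a constructed in-memory table; no DNS queries are made."""

# Constructed CAA records: name -> list of (flags, tag, value).
CAA = {
    "example.test": [(0, "issue", "letsencrypt.org")],
    # b.example.test overrides the parent and allows a different CA only.
    "b.example.test": [(0, "issue", "other-ca.test")],
    # c.example.test forbids ordinary issuance but allows wildcards.
    "c.example.test": [(0, "issue", ";"), (0, "issuewild", "letsencrypt.org")],
}


def relevant_caa(name):
    """Climb from name towards the root and return the first CAA set found."""
    labels = name.lower().split(".")
    for i in range(len(labels)):
        rrset = CAA.get(".".join(labels[i:]))
        if rrset:
            return rrset
    return []


def caa_permits(name, issuer):
    """True if issuer may issue for name under the relevant CAA records."""
    wildcard = name.startswith("*.")
    rrset = relevant_caa(name[2:] if wildcard else name)
    if not rrset:
        return True  # no CAA anywhere in the tree: any CA may issue
    # Wildcards use issuewild if present, otherwise fall back to issue.
    tag = "issue"
    if wildcard and any(t == "issuewild" for _, t, _ in rrset):
        tag = "issuewild"
    allowed = [v.split(";", 1)[0].strip() for _, t, v in rrset if t == tag]
    if not allowed:
        return True  # only non-restrictive tags (e.g. iodef) present
    return issuer in allowed  # an empty issuer ("";") forbids every CA


def recheck_caa_buggy(names, issuer):
    """Boulder before the March 2020 fix, as Let's Encrypt described it: with
    N names needing a recheck, one name was checked N times."""
    return all(caa_permits(names[0], issuer) for _ in names)


def recheck_caa_fixed(names, issuer):
    """Every name in the request is rechecked individually."""
    return all(caa_permits(name, issuer) for name in names)


if __name__ == "__main__":
    request = ["a.example.test", "b.example.test"]
    print(recheck_caa_buggy(request, "letsencrypt.org"))  # True: b never checked
    print(recheck_caa_fixed(request, "letsencrypt.org"))  # False: b forbids
```

With the constructed data, a.example.test inherits its parent's CAA and permits issuance while b.example.test explicitly does not; the buggy loop rechecks a.example.test twice and issues, the corrected loop refuses. The same evaluator also shows why the inheritance matters: sub.b.example.test has no CAA record of its own but is still forbidden by its parent.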
March 2018
Private Keys Breach
After the reseller Trustico emailed DigiCert the private keys of around 23,000 certificates it had sold, thereby demonstrating that the keys were compromised, DigiCert was obliged under the Baseline Requirements to revoke them within 24 hours. The certificates had been issued under the former Symantec brands GeoTrust, Thawte and RapidSSL, whose business DigiCert had acquired.
September 2017
Inadequate Control
Google's investigation revealed that Symantec had mis-issued over 30,000 certificates over several years, many without proper domain validation. What made this particularly serious was that Symantec, through its brands (GeoTrust, Thawte, RapidSSL, VeriSign), controlled nearly 30% of all trusted certificates on the web at the time. After a prolonged and public dispute, Google Chrome gradually distrusted all Symantec-issued certificates, forcing Symantec to sell its CA business to DigiCert in 2017, effectively ending one of the oldest names in internet security.
September 2017
Inadequate Control
Numerous issues centring on the mis-issuance of SSL certificates.
January 2017
Business Partner Blunder
CrossCert, a South Korean CA operating as a Symantec affiliate, was found to have deliberately overridden Symantec's own compliance flags (internal warning systems designed to catch domain validation problems) in order to push certificates through faster. Rather than investigating why the flags were being raised, CrossCert simply bypassed them. This was not a technology failure; it was a process failure driven by commercial pressure, and it directly contributed to Mozilla's broader investigation into Symantec's reseller network.
October 2016
Abuse of Trust
An investigation by Mozilla revealed that WoSign, a major Chinese CA, had engaged in numerous questionable practices, most notably backdating SHA-1 certificates to before the industry-wide deadline of January 1, 2016, in order to circumvent the deprecation of the weak algorithm. WoSign had also secretly acquired StartCom without disclosing the ownership change to browser vendors, violating CA transparency requirements. Both WoSign and StartCom were subsequently distrusted by Apple, Mozilla and Google.
October 2016
Technology Malfunction
Comodo's automated certificate issuance system suffered an OCR (optical character recognition) failure during document processing, causing it to misread validation documents and issue certificates to the wrong entities. It was a reminder that automation without sufficient checks can introduce its own category of errors: the system was doing exactly what it was told, just based on the wrong input.
August 2016
Technology Malfunction
A faulty software upgrade in GoDaddy's certificate issuance pipeline introduced a flaw that allowed certain servers to bypass the domain authentication process entirely, meaning certificates could be issued without properly confirming that the requester actually controlled the domain. GoDaddy discovered the issue internally and revoked the affected certificates. While there was no evidence of malicious exploitation, the incident underlined how a routine upgrade, if not properly tested, can quietly undermine the entire validation chain that certificates are built upon.
August 2016
Abuse of Trust
Caught issuing certificates to parties who did not own the domains.
July 2016
Technology Malfunction
A dangling markup injection vulnerability in Comodo's web-based certificate request interface allowed an attacker to manipulate the validation process and obtain arbitrary wildcard certificates. Wildcard certificates cover an entire domain and all its subdomains, meaning a single fraudulently obtained wildcard cert could be used to impersonate any part of a target organisation's web presence. Comodo patched the vulnerability and revoked the affected certificates.
February 2016
Technology Malfunction
Systems that incorrectly parsed email addresses left the validation process open to abuse.
September 2015
Human Error
Symantec employees issued test certificates for domains including google.com without review by authentication personnel. Google detected the certificates through Certificate Transparency, and Symantec dismissed the employees involved.
March 2015
Inadequate Control
A user was able to register the privileged hostmaster@live.fi mailbox on Microsoft's live.fi service and, through email-based validation, obtain a certificate for live.fi.
March 2015
Abuse of Trust
China's Internet Network Information Center (CNNIC) issued an unconstrained intermediate certificate to an Egyptian company, MCS Holdings, which used it inside a firewall to intercept HTTPS traffic. The incident sparked fierce debate because CNNIC is operated by the Chinese government, raising concerns about state-sponsored surveillance. Google and Mozilla subsequently removed CNNIC from their trusted root stores, one of the very few times a major government-backed CA has been distrusted by browser vendors.
July 2014
Inadequate Control
India's National Informatics Centre (NIC), operating under the Controller of Certifying Authorities (CCA India), mis-issued several unauthorized certificates for Google domains. The NIC was an intermediate CA under the India CCA root. Mozilla, Google and Microsoft responded by constraining the India CCA root to only issue certificates for .in domains, effectively limiting its scope permanently.
December 2013
Business Partner Blunder
France's national cybersecurity agency ANSSI issued an unconstrained subordinate CA certificate to the French Treasury's network monitoring team. This intermediate certificate was then used to issue fake certificates for Google domains, enabling traffic interception inside government networks. When discovered, Google, Mozilla and Microsoft distrusted the specific ANSSI intermediate. ANSSI acknowledged the incident and stated the certificates were used only on internal government networks, though this did not diminish the seriousness of the breach of the Baseline Requirements.
December 2012
Human Error
Trustwave issued two subordinate CA certificates to a corporate customer for use in SSL inspection (man-in-the-middle) appliances, effectively allowing the customer to intercept and decrypt the HTTPS traffic of its own employees. While Trustwave argued this was a legitimate enterprise use case, the broader security community condemned it as a fundamental abuse of CA trust, since the certificates could technically be used to impersonate any website on the Internet. Trustwave subsequently committed to never issuing such certificates again.
September 2011
Compromise
In September 2011, just weeks after the DigiNotar disaster was making headlines, GlobalSign, one of Europe's largest CAs, made the cautious decision to voluntarily suspend all certificate issuance while it investigated a claimed breach by the same hacker who attacked DigiNotar. The investigation ultimately found that only a small portion of GlobalSign's web infrastructure had been touched, and no fraudulent certificates had been issued. GlobalSign resumed issuance after completing its investigation, but the incident highlighted just how rattled the entire CA industry was in the aftermath of DigiNotar.
August 2011
Hacker Compromise
In one of the most catastrophic CA breaches ever recorded, DigiNotar's systems were compromised by an Iranian hacker known as "Comodohacker". Over 500 fraudulent certificates were issued, including one for *.google.com that was actively used to intercept Gmail traffic of approximately 300,000 Iranian users. The Dutch government, which relied on DigiNotar for citizen-facing services, was severely impacted. Within weeks of the breach becoming public, all major browsers distrusted DigiNotar, effectively putting the CA out of business permanently. It remains the only major CA to have been completely destroyed by a security incident.
June 2011
Hacker Compromise
StartCom, an Israeli CA, was targeted by the same attacker responsible for the Comodo reseller breach earlier that year. The CEO of StartCom, Eddy Nigg, personally discovered the intrusion and managed to shut it down before any fraudulent certificates could be issued. While StartCom avoided a full-blown crisis, the breach was a warning sign, one that went largely unheeded. The CA would later resurface in controversy in 2016 when it was acquired by WoSign and subsequently distrusted by all major browsers alongside its new parent company.
March 2011
Hacker Compromise
A Comodo reseller, GlobalTrust.it, was compromised by an attacker
who used stolen reseller credentials to obtain nine fraudulent
certificates for high-profile names including addons.mozilla.org,
www.google.com, mail.google.com, login.yahoo.com, login.live.com
and login.skype.com.
December 2008
Business Partner Blunder
Comodo reseller CertStar mis-issued a certificate for login.live.com without performing proper domain validation checks, relying solely on email-based verification. This exposed a systemic weakness in how Comodo managed its reseller network's validation practices.
July 2008
Inadequate Control
Thawte mis-issued a certificate for login.live.com to an unauthorized requestor. The incident highlighted weaknesses in the domain validation process where certificates could be obtained simply by demonstrating control of a related email address rather than actual domain ownership.