Closed Bug 1294276 Opened 9 years ago Closed 9 years ago

Cihaz Sertifikası Hizmet Sağlayıcısı - Sürüm 3 issuing certificates without subject alternative name extensions

Categories

(CA Program :: CA Certificate Root Program, task)

Product:
CA Program
Component:
CA Certificate Root Program
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: keeler, Assigned: kathleen.a.wilson)

References

Details

Cihaz Sertifikası Hizmet Sağlayıcısı - Sürüm 3 has as recently as December of 2015 issued certificates without a subject alternative name extension. See for example https://crt.sh/?id=11626595&opt=cablint As there are no publicly-logged certificates issued after this time, it's unclear if this is an ongoing issue or if this has already been resolved.
Tuğba, I believe this subCA chains up to one of the Kamu SM root certs. If so, please confirm that this customer has stopped issuing SSL certs that don't have the dNSNames in the subjectAltName extension. Then, please close this bug.
Kathleen and David, Yes, this subCA chains up to one of the Kamu SM root certs. But, this SubCA has stopped issuing SSL certs. In terms of conformity to CAB Forum BR, our new sub Root (Cihaz Sertifikası Hizmet Sağlayıcısı - Sürüm 4 - http://depo.kamusm.gov.tr/ssl/CSHS.v4.cer ) issues certificates that must have the dNSNames in the subjectAltName extension since 12/18/2015.
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
Product: mozilla.org → NSS
Product: NSS → CA Program
You need to log in before you can comment on or make changes to this bug.