User Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36
Here is an incident report align the mozilla template :
1/ How your CA first became aware of the problem.
After a notification of Alex TAYLOR posted on friday evening.
And by the internal bug report received on monday morning.
2/ A timeline of the actions your CA took in response.
05/04/2019 14:42:27 : issuance of a certifcate whith an empty SAN
08/04/2019 14:59:55 : revocation of the certificate
08/04/2019 15:10:16 : issuance of one certificate with an empty SAN
08/04/2019 15:12:50 : revocation of the certificate
3/ Whether your CA has stopped, or has not yet stopped, issuing certificates with the problem.
the cause has been identified and the problem is now corrected
4/ A summary of the problematic certificates.
2 certificates "vsmp-ada.net-courrier.extra.laposte.fr"
5/ The complete certificate data for the problematic certificates.
6/ Explanation about how and why the mistakes were made or bugs introduced, and how they avoided detection until now.
The request made by our mother compny's RA (always for the domain name "laposte.fr" are created by technicians under the forme of a CSR).
The registration operator who validated the request did not care that an empty space had been entered by mistake.
7/ List of steps your CA is taking to resolve the situation and ensure such issuance will not be repeated in the future.
This RA will be disabled tomorrow, and that will last until pre-issuance linting will be operative on our PKI.