SSL.com: Expired CRLs
Categories
(CA Program :: CA Certificate Compliance, task)
Tracking
(Not tracked)
People
(Reporter: kathleen.a.wilson, Assigned: chris)
Details
(Whiteboard: [ca-compliance] Expired CRLs)
While processing revoked intermediate certificates for OneCRL (Bug #1550537#c1) we found that the following CRLs are expired.
4E2D1D96BCC25CA3
Domain The Net Technologies Ltd CA for Code Signing
http://crls.ssl.com/SSL.com-Enterprise-Intermediate-RSA-4096-R1.crl
Signature Algorithm: sha256WithRSAEncryption
Issuer: /C=US/ST=Texas/L=Houston/O=SSL Corp/CN=SSL.com Enterprise Intermediate CA RSA R1
Last Update: Apr 5 17:02:00 2019 GMT
Next Update: Apr 12 17:02:00 2019 GMT
4FD1E22E10E534D5
Domain The Net Technologies Ltd CA for SSL
http://crls.ssl.com/SSL.com-Enterprise-Intermediate-RSA-4096-R1.crl
Signature Algorithm: sha256WithRSAEncryption
Issuer: /C=US/ST=Texas/L=Houston/O=SSL Corp/CN=SSL.com Enterprise Intermediate CA RSA R1
Last Update: Apr 5 17:02:00 2019 GMT
Next Update: Apr 12 17:02:00 2019 GMT
21316F97A5B48BA2
Domain The Net Technologies Ltd CA for EV SSL
http://crls.ssl.com/SSL.com-Enterprise-Intermediate-EV-RSA-4096-R1.crl
Signature Algorithm: sha256WithRSAEncryption
Issuer: /C=US/ST=Texas/L=Houston/O=SSL Corp/CN=SSL.com EV Enterprise Intermediate CA RSA R1
Last Update: Apr 5 17:01:00 2019 GMT
Next Update: Apr 12 17:01:00 2019 GMT
713C71899E0B08E4
MilleniumSign SSL Certificate CA RSA
http://crl.ca.pki.africa/IntercloudVentures-Intermediate-SSL-RSA-4096-R1.crl
Signature Algorithm: sha256WithRSAEncryption
Issuer: /C=SC/ST=Mah\xC3\xA9/L=Victoria/O=InterCloud Ventures Inc/CN=InterCloud SSL Certificate CA RSA
Last Update: Apr 5 17:01:54 2019 GMT
Next Update: Apr 12 17:01:54 2019 GMT
55F682A2D378385A
MilleniumSign for EV SSL
http://crls.ssl.com/IntercloudVentures-Intermediate-EV-SSL-RSA-4096-R1.crl
Signature Algorithm: sha256WithRSAEncryption
Issuer: /C=SC/O=InterCloud Ventures Inc/CN=InterCloud Ventures CA for EV SSL RSA
Last Update: Apr 5 17:01:27 2019 GMT
Next Update: Apr 12 17:01:27 2019 GMT
30CCE71C88D96294
MilleniumSign EV SSL Certificate CA RSA
http://crl.ca.pki.africa/IntercloudVentures-Intermediate-EV-SSL-RSA-4096-R2.crl
Signature Algorithm: sha256WithRSAEncryption
Issuer: /C=SC/ST=Mah\xC3\xA9/L=Victoria/O=InterCloud Ventures Inc/CN=InterCloud EV SSL Certificate CA RSA
Last Update: Apr 5 17:00:55 2019 GMT
Next Update: Apr 12 17:00:55 2019 GMT
Assignee | ||
Comment 1•6 years ago
|
||
Hello Kathleen,
All listed issuing CAs were previously revoked, and thus cannot issue new CRLs.
Please let us know if there are any other concerns on this issue.
Regards,
Chris Kemmerer
Reporter | ||
Comment 2•6 years ago
|
||
Closing this bug as invalid because the parent cert is revoked, so CA is unable to create new CRL. CCADB has a revocation status option for "Parent Cert Revoked", but I didn't notice that was the situation here. Since our current batch of additions to OneCRL is large and already verified, I'm going to let it continue as-is.
Updated•2 years ago
|
Description
•